Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/08/2023, 15:09

General

  • Target

    bPbV.exe

  • Size

    32KB

  • MD5

    93c9932bb4d7694d7faf034c774f69ec

  • SHA1

    b31df13c384b1995ecce8588cc1a9e49b44a2226

  • SHA256

    4af08d67c5c9aa9287b61632223f0dfb2784e37469aa2aac2f47b62a59508bc6

  • SHA512

    f5ada3c7c084552a5717d1cf1b00484b5201993f2b6c922a23f25170eff6596e1110b1843463131f3cd8c2636664982d7bd336eb7fecb2168bb78d4e554e6047

  • SSDEEP

    384:d0bUe5XB4e0XuOluixBr/Q/WTEtTUFQqzFPObbu:OT9ButMifrYbBbu

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bPbV.exe
    "C:\Users\Admin\AppData\Local\Temp\bPbV.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/716-133-0x0000000075070000-0x0000000075621000-memory.dmp

    Filesize

    5.7MB

  • memory/716-134-0x0000000075070000-0x0000000075621000-memory.dmp

    Filesize

    5.7MB

  • memory/716-135-0x0000000000E00000-0x0000000000E10000-memory.dmp

    Filesize

    64KB

  • memory/716-136-0x0000000075070000-0x0000000075621000-memory.dmp

    Filesize

    5.7MB

  • memory/716-137-0x0000000075070000-0x0000000075621000-memory.dmp

    Filesize

    5.7MB

  • memory/716-138-0x0000000000E00000-0x0000000000E10000-memory.dmp

    Filesize

    64KB