Overview

overview

10

Static

static

10

bPti.exe

windows7-x64

1

bPti.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-08-2023 20:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bPti.exe

  • Size

    78KB

  • MD5

    e06dfd9d4bae167b3311236ae17aced7

  • SHA1

    c69256664a113ab8930d67ff11498b1e6faaf413

  • SHA256

    6967f1a5da12f10eb491bdbc40f6242c957326c41202883e7d1563a4a0e58ebd

  • SHA512

    c2a08ed25c94f031d4f7a95479761b4d235da5f6149ddf694e83174fa2dd3f0daa563ae475612b3e602c09eb7f1e8182e7fc38a2d1dad43ff85a26299020a837

  • SSDEEP

    1536:lt4+6Y9yhU19DppS5wpOk3JCK6pFNyXd6fOpd/9nEh9TGWJ0R:IhU19QwpOk5CK6zO/9ESWJ0

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 35 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bPti.exe
    "C:\Users\Admin\AppData\Local\Temp\bPti.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4124-0-0x0000000074850000-0x0000000074E01000-memory.dmp
    Filesize

    5.7MB

    Download
  • memory/4124-2-0x00000000010A0000-0x00000000010B0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4124-1-0x0000000074850000-0x0000000074E01000-memory.dmp
    Filesize

    5.7MB

    Download
  • memory/4124-3-0x0000000074850000-0x0000000074E01000-memory.dmp
    Filesize

    5.7MB

    Download
  • memory/4124-4-0x0000000074850000-0x0000000074E01000-memory.dmp
    Filesize

    5.7MB

    Download