Overview

overview

10

Static

static

3

Potwierdze...ty.exe

windows7-x64

1

Potwierdze...ty.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01/09/2023, 16:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Potwierdzenie_wplaty.exe

  • Size

    6KB

  • MD5

    26b37737d30e4accf3274620d7dab75f

  • SHA1

    fe1ae18028f145c9e2ef43eb9f7a611bc581f8f0

  • SHA256

    e029bc85866faf62332458961316cf1561c335b06076936f9e1ae87cbc0a868e

  • SHA512

    723b20c43fced9ca67538fdb39d3c5e3cf9a7334f25770b049a73f3472ea2423110af3818c4c70c50c914b09ec7c167b689e79e38a602acc3fc73a70d9bd470c

  • SSDEEP

    96:Ws9ycajcgfud1KPU4SQ8gN8KpDHEAx6zNt:Ws9wcgfy1J4ZfvpD18

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Potwierdzenie_wplaty.exe
    "C:\Users\Admin\AppData\Local\Temp\Potwierdzenie_wplaty.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2140

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2140-0-0x0000000000130000-0x0000000000138000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2140-1-0x0000000074700000-0x0000000074DEE000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/2140-2-0x0000000004C40000-0x0000000004C80000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2140-3-0x0000000074700000-0x0000000074DEE000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/2140-4-0x0000000004C40000-0x0000000004C80000-memory.dmp

          Filesize

          256KB

          Download