Overview

overview

3

Static

static

3

DHL 최종......exe

windows7-x64

1

DHL 최종......exe

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/10/2023, 06:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DHL 최종 선하증권 175955...exe

  • Size

    619KB

  • MD5

    bfc21585d9c68ae4992a1f6f75b64e84

  • SHA1

    bb1c65c007eaa34eb7d27606197f27876feec294

  • SHA256

    da316c99baf4e8e8e2df0d6d52a77774edb23a7375393a7b0b9414e8cb7b04a7

  • SHA512

    eb1f923929b8ab2f481b4362fbafc50b68ab0a743d42c26d7f9e293aa29564d0b81bbb75396e9ef83072ebb5270c0c4a60dce37f1727eb65f898a90f8c746a2d

  • SSDEEP

    12288:svwDL7mMBsePbzk6CTvLWFK0xMIgC6XuNDmWaQzyX:waLlBs2YFvaFBMfPeNkQu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DHL 최종 선하증권 175955...exe
    "C:\Users\Admin\AppData\Local\Temp\DHL 최종 선하증권 175955...exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1840

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1840-1-0x0000000074AF0000-0x00000000752A0000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/1840-0-0x0000000000410000-0x00000000004B2000-memory.dmp

          Filesize

          648KB

          Download

        • memory/1840-2-0x0000000004FA0000-0x0000000004FB0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1840-3-0x0000000002890000-0x00000000028E6000-memory.dmp

          Filesize

          344KB

          Download

        • memory/1840-4-0x0000000004E80000-0x0000000004ED2000-memory.dmp

          Filesize

          328KB

          Download

        • memory/1840-5-0x0000000004ED0000-0x0000000004F12000-memory.dmp

          Filesize

          264KB

          Download

        • memory/1840-6-0x0000000004F10000-0x0000000004F5C000-memory.dmp

          Filesize

          304KB

          Download

        • memory/1840-7-0x0000000005690000-0x0000000005C34000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/1840-9-0x0000000074AF0000-0x00000000752A0000-memory.dmp

          Filesize

          7.7MB

          Download