e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc

Analysis

max time kernel
150s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
13/10/2023, 04:47 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
Size

587KB
MD5

139b0bdef81e287fa29e4ba132a24e2d
SHA1

821b77553f78e943c6c6cba7b828492efc9ff7e5
SHA256

e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc
SHA512

650ecfa134bea4a08db530fee3f5f7e771b67f759ae8848cca3f31d85ec879046264ee9ef4ab2764e60b3603d9e722bc0531c9a9415d38311eb6fc7b78e324c2
SSDEEP

6144:wDpbBi03fgzlFPEbortC0ZXAULveKEYKSSTHut+d5Q4FJDPKr6:X03fgzlREbortC0ZXAqveKmSSbqPr6

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
1284	e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe

C:\Users\Admin\AppData\Local\Temp\e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe
"C:\Users\Admin\AppData\Local\Temp\e837d64baa4860d78de98f961b8d59bbfa54b18b84bd684357a05d6ff241e7dc.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1284

Network

DNS

2.136.104.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.136.104.51.in-addr.arpa

IN PTR

Response
DNS

73.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.31.126.40.in-addr.arpa

IN PTR

Response
DNS

108.211.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

108.211.229.192.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

1.208.79.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.208.79.178.in-addr.arpa

IN PTR

Response

1.208.79.178.in-addr.arpa

IN PTR

https-178-79-208-1amsllnwnet
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

8.179.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.179.89.13.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

2.136.104.51.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.136.104.51.in-addr.arpa
8.8.8.8:53

73.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

73.31.126.40.in-addr.arpa
8.8.8.8:53

108.211.229.192.in-addr.arpa

dns

74 B
145 B
1
1

DNS Request

108.211.229.192.in-addr.arpa
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

1.208.79.178.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

1.208.79.178.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

8.179.89.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

8.179.89.13.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.