Overview

overview

10

Static

static

3

Avviso di ...df.exe

windows7-x64

1

Avviso di ...df.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-12-2023 01:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Avviso di Pagamento_ SEPA_Unicredit Bank_Pdf.exe

  • Size

    192KB

  • MD5

    c83e8d01fa4bb2a29de8757bab77c261

  • SHA1

    fd996e799182968527ae6bbae5949f6970e41940

  • SHA256

    70599fe914edfb27f40868d4cab51383791548e119d48ea1cf2748362a623817

  • SHA512

    be57ca047c5d909c7d792ef4c21936988da5f5a0667f7c5d89cdfa31f34579fd3dafb04f0a0d4054b7202cfdc4a8671157e31749c20276d0e40896f9b135186a

  • SSDEEP

    3072:vgjT7lyimAFECy61CVJ1o+AeBImCytphGqsdo6pBA:vgH7lyim7CED5AeOdyqdo6p

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Avviso di Pagamento_ SEPA_Unicredit Bank_Pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\Avviso di Pagamento_ SEPA_Unicredit Bank_Pdf.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1920-0-0x00000000013D0000-0x0000000001404000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1920-1-0x0000000074E70000-0x000000007555E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1920-2-0x0000000004A20000-0x0000000004A60000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1920-3-0x0000000074E70000-0x000000007555E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1920-4-0x0000000004A20000-0x0000000004A60000-memory.dmp

    Filesize

    256KB

    Download