Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-12-2023 07:59

General

  • Target

    Banco BPM Payment _Receipt.exe

  • Size

    6KB

  • MD5

    6aa5d99f2f18d3655ae0d62884f951fe

  • SHA1

    70286e62ebdb15b55c6cca8058da53af14aaf6a3

  • SHA256

    7509bbea073fad9c718e4d7b32cec61c2288e6ecb2e3e6a29e5c203fded3f189

  • SHA512

    e1a14f6e2403a3222a715e0dc11cbf2c1491b500db889de9fb1148b22e73cb3271a2ebb291b89c7b11f1ced01573bdd2e5d9d802ad89618e3dfa4ef2ed900f7f

  • SSDEEP

    96:3mG46M9ifUo5OUPBvcQsTYQePn7yLHtPzNt:3V46M9if2UPBiTYQsn7yLHn

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Banco BPM Payment _Receipt.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\Banco BPM Payment _Receipt.exe"
    PID: 840
    • Suspicious use of AdjustPrivilegeToken

Network

MITRE ATT&CK Matrix

Downloads

  • memory/840-0-0x0000000001190000-0x0000000001198000-memory.dmp (32KB)
  • memory/840-1-0x0000000074470000-0x0000000074B5E000-memory.dmp (6.9MB)
  • memory/840-2-0x0000000004C60000-0x0000000004CA0000-memory.dmp (256KB)
  • memory/840-3-0x0000000074470000-0x0000000074B5E000-memory.dmp (6.9MB)
  • memory/840-4-0x0000000004C60000-0x0000000004CA0000-memory.dmp (256KB)

All five dumps come from PID 840. Dumps 1 and 3 cover the same 6.9MB range and dumps 2 and 4 the same 256KB range, so only three distinct regions were captured (32KB, 6.9MB, 256KB), about 7.2MB in total.
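When triaging many reports of this kind it is worth checking the listed sizes and spotting repeated captures mechanically rather than by eye. The parser below is an added example for this page, not the sandbox's own code. It assumes the dump name layout memory/<pid>-<index>-0x<base>-0x<end>-memory.dmp, inferred from the five names above, and mirrors the report's size formatting (whole KB below 1 MiB, one decimal MB above); the DUMP_NAMES list is copied from this page.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# The five dump names listed in the Downloads section above (copied from the page).
DUMP_NAMES = [
    "memory/840-0-0x0000000001190000-0x0000000001198000-memory.dmp",
    "memory/840-1-0x0000000074470000-0x0000000074B5E000-memory.dmp",
    "memory/840-2-0x0000000004C60000-0x0000000004CA0000-memory.dmp",
    "memory/840-3-0x0000000074470000-0x0000000074B5E000-memory.dmp",
    "memory/840-4-0x0000000004C60000-0x0000000004CA0000-memory.dmp",
]

# Assumed layout: memory/<pid>-<dump index>-0x<base>-0x<end>-memory.dmp.
# Inferred from the names above, not taken from any published sandbox spec.
DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<base>[0-9a-fA-F]+)-0x(?P<end>[0-9a-fA-F]+)-memory\.dmp$"
)


@dataclass(frozen=True)
class DumpRegion:
    pid: int
    index: int
    base: int   # start address of the dumped region
    end: int    # one past the last byte of the region

    @property
    def size(self) -> int:
        return self.end - self.base


def parse_dump_name(name: str) -> DumpRegion:
    """Parse one dump file name; raise ValueError on anything that does not match."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name!r}")
    base, end = int(m["base"], 16), int(m["end"], 16)
    if end <= base:
        raise ValueError(f"empty or inverted range in {name!r}")
    return DumpRegion(int(m["pid"]), int(m["idx"]), base, end)


def human_size(nbytes: int) -> str:
    """Format the way the report does: whole KB below 1 MiB, one decimal MB above."""
    if nbytes >= 1 << 20:
        return f"{nbytes / (1 << 20):.1f}MB"
    return f"{nbytes / 1024:g}KB"


def group_by_range(names):
    """Map each (base, end) range to the dump indices that captured it, in order."""
    groups = defaultdict(list)
    for r in map(parse_dump_name, names):
        groups[(r.base, r.end)].append(r.index)
    return dict(groups)


def distinct_bytes(names) -> int:
    """Total bytes across unique ranges, so a region dumped twice is counted once."""
    return sum(end - base for base, end in group_by_range(names))


def summarize(names):
    """Return (index, base, end, size string) rows for a quick comparison with the report."""
    return [(r.index, r.base, r.end, human_size(r.size)) for r in map(parse_dump_name, names)]


if __name__ == "__main__":
    for idx, base, end, size in summarize(DUMP_NAMES):
        print(f"dump {idx}: 0x{base:08X}-0x{end:08X} {size}")
    for (base, end), idxs in group_by_range(DUMP_NAMES).items():
        if len(idxs) > 1:
            print(f"range 0x{base:08X}-0x{end:08X} captured {len(idxs)} times: dumps {idxs}")
    print("distinct bytes dumped:", human_size(distinct_bytes(DUMP_NAMES)))
```

Run on the names from this page it reproduces the 32KB, 6.9MB and 256KB figures, reports the 1/3 and 2/4 pairs as repeat captures of the same ranges, and gives about 7.2MB of distinct memory. Names that do not fit the assumed layout raise instead of being silently skipped, so a changed naming scheme is noticed rather than producing wrong totals.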