Overview

overview

3

Static

static

3

RPC_Dumper.exe

windows7-x64

1

RPC_Dumper.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    12s
  • max time network
    15s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-02-2024 17:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RPC_Dumper.exe

  • Size

    1.5MB

  • MD5

    ec60980742196d8dd77df142aaa8a647

  • SHA1

    e56362ca6c1fdc8697c67590c4ad8db32b3c3baf

  • SHA256

    8019ebd0ce0d34f855fe08e7fc0860208eec6f048459f947e2b16ca776240555

  • SHA512

    8570f40a15e41faeba05b5de1122f1ddabeb3d58b93676428947b1a9795ca2dbb050af65b47c28607592946e61ed432a835d7accebc5d5f9a1e802c8fbd061df

  • SSDEEP

    24576:wwcyIwg5lwkRdq3a+n7v03TminUkgQYUbkcK+Ca9jm9Z089TFfvVkxQKW3:wwGSkG3Bn783vSskc/+yOTFcQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\RPC_Dumper.exe
    "C:\Users\Admin\AppData\Local\Temp\RPC_Dumper.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2484-0-0x0000000000D60000-0x0000000000EEA000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2484-1-0x00000000745F0000-0x0000000074CDE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2484-2-0x0000000004990000-0x00000000049D0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2484-3-0x0000000004E10000-0x0000000004F36000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2484-4-0x00000000745F0000-0x0000000074CDE000-memory.dmp

    Filesize

    6.9MB

    Download