Analysis
max time kernel: 118s
max time network: 141s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/03/2024, 19:27
Static task: static1
Behavioral task: behavioral1
  Sample: procmap.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: procmap.exe
  Resource: win10v2004-20240226-en
General
Target: procmap.exe
Size: 13KB
MD5: 0c13dfbc137a3bb4cc8da0b6301e9468
SHA1: f2ce29eed4c9f219dab415cf6729ee06c8fcff4d
SHA256: ee8ef58f3bf0dab066eb608cb0f167b1585e166bf4730858961c192860ceffe9
SHA512: e9343db4f416b4428745e57e47626e7ce52a21d0fa904915554fd900bab1b26d49d0f77b74bbf5404ec898b19af2287cdef3ed6b8ccf50760767eb3fc204a895
SSDEEP: 192:QtsHSY7oXixkjdJfvW05QcXGDgvf0FT10mMejkksJ1L4NqZ36hrgWZdcFLG0F:QtYT7KoYW52X8TGwPsIN3LcBF
Malware Config
Signatures

Suspicious use of AdjustPrivilegeToken (2 IoCs)
description                         pid    Process
Token: 33                           4116   procmap.exe
Token: SeIncBasePriorityPrivilege   4116   procmap.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description                       pid    Process       procid_target
PID 4116 wrote to memory of 776   4116   procmap.exe   89
PID 4116 wrote to memory of 776   4116   procmap.exe   89
PID 4116 wrote to memory of 776   4116   procmap.exe   89
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 35B
MD5: b5ed71cf2c9a612c4f2833ff3845e9b1
SHA1: cc367f726b4b56d1d4c747d15527daccb7de481a
SHA256: 577508aceb125af92dd9ffd903fbf62df20c57ca38e8aff196f64efb52dc461d
SHA512: d210b84e6b98874d5c4d2a866a010aaa36fa2b7eefa0c41ae10e0e0530d1a6e25fac3ba54356373916a5df1af593d43052a1f67012ab86e0a71a4b19eb8729a4