Analysis
-
max time kernel
55s -
max time network
53s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
27-04-2024 22:28
General
-
Target
d83f04d14b3ef5742e3a5cb0c9089dea.exe
-
Size
145KB
-
MD5
d83f04d14b3ef5742e3a5cb0c9089dea
-
SHA1
5ba0a13d620b4e2352de8cd4b033c3b4b4a85015
-
SHA256
70c0d722f4eb2c9cd96a58ef04285323a897c7c28896654d4b1753e240079ad0
-
SHA512
0840f4acaf1b98b5358ad0f0b51696cf8298f2f7112401ae79a39de3b02d801403914bc21f1704b9bc3df390d0886859534d9b02385b360b598f745d18ab304b
-
SSDEEP
3072:8XZGjXpoGoByXPQs2UTXQ8yb7aFcCiSIvF68XJZ:mZGbpYByPT7lyvIcLSIvF68X
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d83f04d14b3ef5742e3a5cb0c9089dea.exe"C:\Users\Admin\AppData\Local\Temp\d83f04d14b3ef5742e3a5cb0c9089dea.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1564 -s 15842⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 376 -p 1564 -ip 15641⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1564-0-0x00000000004B0000-0x00000000004D8000-memory.dmpFilesize
160KB
-
memory/1564-1-0x0000000074740000-0x0000000074EF0000-memory.dmpFilesize
7.7MB
-
memory/1564-2-0x0000000004FE0000-0x0000000004FF0000-memory.dmpFilesize
64KB
-
memory/1564-3-0x0000000074740000-0x0000000074EF0000-memory.dmpFilesize
7.7MB