2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad

Analysis

max time kernel
92s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06-08-2024 09:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eicar_com.zip
Size

184B
MD5

6ce6f415d8475545be5ba114f208b0ff
SHA1

d27265074c9eac2e2122ed69294dbc4d7cce9141
SHA256

2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad
SHA512

d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeManageVolumePrivilege	3136	svchost.exe

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\eicar_com.zip
1⤵
PID:2744

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm

Filesize
16KB

MD5
b17952c7981408f6d8643ac508445e1f

SHA1
bada2aceb872c232e5865580c8c488b70797609b

SHA256
a2356da9d919400a3917aa651d0bb4b318d11793124d04ed513b5805a652b987

SHA512
6b64e17ddeaed3fd4e4418415637655f537cfae31b1884e4afe3a8ca149e56b21dbd4c480677cae209e082fbb69c716b646e83cb229625a92d39d82180056cad

Download Submit
memory/3136-40-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-33-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-42-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-34-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-35-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-36-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-37-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-38-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-43-0x0000025033B80000-0x0000025033B81000-memory.dmp

Filesize
4KB

Download
memory/3136-16-0x000002502B940000-0x000002502B950000-memory.dmp

Filesize
64KB

Download
memory/3136-68-0x0000025033DD0000-0x0000025033DD1000-memory.dmp

Filesize
4KB

Download
memory/3136-32-0x0000025033F30000-0x0000025033F31000-memory.dmp

Filesize
4KB

Download
memory/3136-39-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download
memory/3136-44-0x0000025033B70000-0x0000025033B71000-memory.dmp

Filesize
4KB

Download
memory/3136-46-0x0000025033B80000-0x0000025033B81000-memory.dmp

Filesize
4KB

Download
memory/3136-49-0x0000025033B70000-0x0000025033B71000-memory.dmp

Filesize
4KB

Download
memory/3136-52-0x0000025033AB0000-0x0000025033AB1000-memory.dmp

Filesize
4KB

Download
memory/3136-0-0x000002502B840000-0x000002502B850000-memory.dmp

Filesize
64KB

Download
memory/3136-64-0x0000025033CB0000-0x0000025033CB1000-memory.dmp

Filesize
4KB

Download
memory/3136-66-0x0000025033CC0000-0x0000025033CC1000-memory.dmp

Filesize
4KB

Download
memory/3136-67-0x0000025033CC0000-0x0000025033CC1000-memory.dmp

Filesize
4KB

Download
memory/3136-41-0x0000025033F60000-0x0000025033F61000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads