Analysis
-
max time kernel
91s -
max time network
105s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
29-06-2024 23:23
General
-
Target
invoice.exe
-
Size
2.3MB
-
MD5
5bc392a75e9f0c3b36f344096f0183cc
-
SHA1
a2f48b659efa913e5ed17d1621f517c21a9305a6
-
SHA256
81513a82573e2a72bf3b56b6b309ea2f73716f602e1f00d0ee957abd3408b6a3
-
SHA512
f9224d1f9818b2a4c93276467719e535f3f66c5f4a9d6f2287669307ecb276dfb9f202007cd9c801a0ea1ef63630eac4ca03ce9de4aab6086b9d941e54c017eb
-
SSDEEP
12288:z5DIexdM4iE+o+OKtDY2z1ZWtpMo4mSUvIZAg+GSsgHU:1DIexgo+OKtDYq12MqSUv8Ag+tY
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\invoice.exe"C:\Users\Admin\AppData\Local\Temp\invoice.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\iexplore.exe"C:\Program Files (x86)\Internet Explorer\iexplore.exe"2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1492-0-0x000001E6C7370000-0x000001E6C738E000-memory.dmpFilesize
120KB
-
memory/1492-1-0x00007FFEF97C3000-0x00007FFEF97C5000-memory.dmpFilesize
8KB
-
memory/1492-2-0x000001E6E17A0000-0x000001E6E1814000-memory.dmpFilesize
464KB
-
memory/1492-3-0x00007FFEF97C0000-0x00007FFEFA281000-memory.dmpFilesize
10.8MB
-
memory/1492-5-0x00007FFEF97C0000-0x00007FFEFA281000-memory.dmpFilesize
10.8MB