Analysis
max time kernel: 136s
max time network: 146s
platform: windows7_x64
resource: win7v200722
submitted: 01-08-2020 13:46
Static task: static1
Behavioral task: behavioral1
Sample: Chqe3zQa.exe
Resource: win7v200722 windows7_x64
0 signatures
0 seconds
General
Target: Chqe3zQa.exe
Size: 209KB
MD5: 1624aa120c92768bf01124abe519761a
SHA1: 7ba8814442b40d0da01d7308117d4b9e481e7d3b
SHA256: 7824efe18fb422bf6ddc22ced42e3d095e04a0fff127a835104b9f2f8c49ac10
SHA512: 75077bec520ad5c417e5e0025de912939232f8f371a4e9a0cedd93a36e0a773eb51322d4f271bc622fc0182ed2fa2eefb83a4b020e48c9240acc8a4b34ab8033
Malware Config
Signatures
Processes: Chqe3zQa.exe
description | ioc | process
Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | Chqe3zQa.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes: Chqe3zQa.exe
pid | process
1516 | Chqe3zQa.exe
1516 | Chqe3zQa.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: Chqe3zQa.exe
pid | process
1516 | Chqe3zQa.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes: Chqe3zQa.exe
description | pid | process
Token: SeDebugPrivilege | 1516 | Chqe3zQa.exe