Analysis
- max time kernel: 6s
- max time network: 12s
- platform: windows7_x64
- resource: win7v20201028
- submitted: 05-11-2020 05:31
Static task: static1
Behavioral task: behavioral1
- Sample: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288.exe
- Resource: win10v20201028
General
- Target: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288.exe
- Size: 49KB
- MD5: 6b65c98e45e7bc9086ccf02e04379e4a
- SHA1: f8c86d81813265a1ac99397136b779db146c28fe
- SHA256: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288
- SHA512: 380f1736c32c428f190446646580b7ace8060f2fbb7dfeb71cf330e2666fe88d2870870d3c283fe565e074447e3b8acb526cd4fe91c47f695624a13701db0898
Malware Config
Signatures
- Checks installed software on the system (1 TTPs)
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  Processes: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288.exe
    description: Token: SeDebugPrivilege
    pid: 1992
    process: 9776c30b3da247119ea6d9eb6b2da03c9087f2ea53a6fa9fcd9bebd6f18c8288.exe