Analysis
max time kernel: 135s
max time network: 138s
platform: windows7_x64
resource: win7v20201028
submitted: 08-12-2020 08:48
Static task: static1
Behavioral task: behavioral1
Sample: ZYUkX7F4.exe
Resource: win7v20201028 windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: ZYUkX7F4.exe
Resource: win10v20201028 windows10_x64
0 signatures
0 seconds
General
Target: ZYUkX7F4.exe
Size: 17KB
MD5: f7e9367898ed6ae0b7a8ad4d90cdacca
SHA1: 339bca20aec5892a8b1cfa37fa9bae20b3286bd3
SHA256: f709f443072b224af79f87bcf68c9ab90ff3c9b5823e6b7f3bd91f9af97c78ad
SHA512: f0e8ad39d1fee942f70e0e65b1647932265d80c0605fc2b7c51ad551daf241a484363c4a18f52dd2794f108b09d1ca2e21afe11eb6e8095518d1cc8a5e90426b
Score: 1/10
Malware Config
Signatures
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes:
ZYUkX7F4.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0 | ZYUkX7F4.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | ZYUkX7F4.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
ZYUkX7F4.exe
description | pid | process
Token: SeDebugPrivilege | 648 | ZYUkX7F4.exe