Analysis
max time kernel: 149s
max time network: 134s
platform: windows7_x64
resource: win7v20201028
submitted: 20-12-2020 11:48
Static task: static1

Behavioral task: behavioral1
Sample: gJkwNm51.exe
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: gJkwNm51.exe
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: gJkwNm51.exe
Size: 16KB
MD5: 3e33a631d9d6f2ff94ef2319ef884404
SHA1: 55868a9802337bad0b38cc7dbdd29bf34b85a761
SHA256: d55e337427661c52f506073a5d280cd1a25b4489566f06cef9e5dd4bd592c037
SHA512: f044bb09e83f7c8a3ff92b94a1b0706063119312d1dce201e2c5f6c810dbf67ecc48a21e61c9381dc2dd38e29b39477337f7ae93190a582eab1923bbd4a11da9
Score: 1/10
Malware Config
Signatures

Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes: gJkwNm51.exe
description: Key opened; ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0; process: gJkwNm51.exe
description: Key value queried; ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString; process: gJkwNm51.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: gJkwNm51.exe
description: Token: SeDebugPrivilege; pid: 2028; process: gJkwNm51.exe