Analysis
max time kernel: 152s
max time network: 149s
platform: windows7_x64
resource: win7v20210408
submitted: 19-04-2021 13:31
Static task: static1
Behavioral task: behavioral1
Sample: D984207F53292512ED8D7EA99B26773D.exe
Resource: win7v20210408, windows7_x64
0 signatures
0 seconds
General
Target: D984207F53292512ED8D7EA99B26773D.exe
Size: 1.1MB
MD5: d984207f53292512ed8d7ea99b26773d
SHA1: 25a3ea2519e9dc772e818197785bd787ccb90133
SHA256: 61d7b5079186817a05fd9b9359e12d0ad5d887ef662a8a80c5bce9d40a5b7d37
SHA512: 4b713d3cea7fc976bc188d0b165a09fb469fff071a9a2355505f3e90f68402b3c67888d578abd26e96415ab6beaf0196c793f094a5d82a9b266c8977f9cf655b
Malware Config
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger 15 IoCs
Processes:
D984207F53292512ED8D7EA99B26773D.exe
pid: 1652, process: D984207F53292512ED8D7EA99B26773D.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
D984207F53292512ED8D7EA99B26773D.exe
description: Token: SeDebugPrivilege, pid: 1652, process: D984207F53292512ED8D7EA99B26773D.exe
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
D984207F53292512ED8D7EA99B26773D.exe
pid: 1652, process: D984207F53292512ED8D7EA99B26773D.exe