Analysis
max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-en-20210920
submitted
24-10-2021 23:17
Static task
static1
Behavioral task
behavioral1
Sample
RFQ-WO10 #384573-pdf.exe
Resource
win7-en-20210920
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
RFQ-WO10 #384573-pdf.exe
Resource
win10-en-20211014
windows10_x64
0 signatures
0 seconds
General
Target
RFQ-WO10 #384573-pdf.exe
Size
27KB
MD5
e767b4d87898a75cc0d0e031e29b7284
SHA1
25904e769d89aa44780a4b10153744d2fa533ec6
SHA256
119d1a20d3e248a55981b6798bfd80191217e143feaa1e2774e4cb813bfbe6bf
SHA512
fdbf41860bf490ce060575914c174f1aa19d4e0d97bb0415250d5046c77e632babcdd8a2634c81650db68c8053647bdf09b68e181516c5df99dd7ebaa81fdc1b
Score
1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
RFQ-WO10 #384573-pdf.exe
description
Token: SeDebugPrivilege
pid
1876
process
RFQ-WO10 #384573-pdf.exe