Analysis
-
max time kernel
148s -
max time network
161s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
30-01-2022 16:45
Static task
static1
Behavioral task
behavioral1
Sample
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe
Resource
win10-en-20211208
windows10_x64
0 signatures
0 seconds
General
-
Target
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe
-
Size
10.0MB
-
MD5
141a6528801be0eac7e7efe0ff59bf10
-
SHA1
a6193e8bf91925d35256eee6dbba43540148b529
-
SHA256
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8
-
SHA512
1097e7257df0ac3647cb4dd3e5ef5a1345e40bfa6663eb3d9107912ae7f6daf42d7e82d3e4467fcb4a5bfe5c78c87ed1aff9dfcbe301664f68add0d29dacf07e
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exepid Process 2668 02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe 2668 02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exedescription pid Process Token: SeDebugPrivilege 2668 02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe"C:\Users\Admin\AppData\Local\Temp\02e10231a6a383ff07fd6d25b3dc8dac57b077d7f27d712887a897fb6064a0c8.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2668