Analysis
max time kernel: 150s
max time network: 148s
platform: windows7_x64
resource: win7-en-20211208
submitted: 11-02-2022 02:32
Static task: static1

Behavioral task: behavioral1
Sample: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27.exe
Resource: win7-en-20211208, windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27.exe
Resource: win10v2004-en-20220112, windows10-2004_x64
0 signatures
0 seconds
General
Target: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27.exe
Size: 8KB
MD5: f4c9178895e50ad8d4cdc8c6298ed6ef
SHA1: 3cd35638dcdccf62f7940da5676dfb5957251797
SHA256: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27
SHA512: f1d06872e632cb29819412c4ede205a0c3c75bdf9e17bb5784f8acfe81811a2a797bceaf55ef4802d77c1ba1dd9f4eab4d95919f83641e30ceb8fa6718a17a02
Score: 6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2: 1 TTPs
Suspicious use of AdjustPrivilegeToken: 1 IoCs
Processes: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27.exe
description: Token: SeDebugPrivilege
pid: 604
process: e6bc2a8fe0c10166a4ddad7cb804b6298d91c52c7ddd114902958639257c9f27.exe