Analysis
max time kernel: 46s
max time network: 51s
platform: windows7_x64
resource: win7-20220414-en
submitted: 15-04-2022 02:08
Static task
static1
Behavioral task
behavioral1
Sample
ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Resource
win10v2004-20220414-en
0 signatures
0 seconds
General
Target: ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Size: 325KB
MD5: 08359645bddd0dfb58c44cd2e04031a3
SHA1: 3ce31c0da59dd222facd81e2bb3d251165430154
SHA256: ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee
SHA512: 8321166bc96199634da034ef79e8f51a3e0dd007bb7dc8cdafb45fba75a9e6713c85ee6d14182d7fc49b9df722eb6bb0a3ae249864defa268716c6d8e85a0400
Score: 1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
pid Process
2036 ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
description pid Process
Token: SeDebugPrivilege 2036 ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
pid Process
2036 ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
2036 ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
Processes
C:\Users\Admin\AppData\Local\Temp\ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe
"C:\Users\Admin\AppData\Local\Temp\ad23aa6f1afb2b28998e1b6f17d147763a0486a00ba8b88125c41905a3eab0ee.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2036