Analysis
- max time kernel: 44s
- max time network: 49s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 16-05-2022 22:15
Static task: static1
Behavioral task: behavioral1
- Sample: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
- Resource: win7-20220414-en (windows7_x64)
- 0 signatures
- 0 seconds
Behavioral task: behavioral2
- Sample: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
- Resource: win10-20220414-en (windows10_x64)
- 0 signatures
- 0 seconds
General
- Target: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
- Size: 71KB
- MD5: 21f6e5570cf32d457f79579c92e7b6ee
- SHA1: a480b64c22bd1336bf0260a798837d5a3a50c123
- SHA256: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634
- SHA512: 52765a61c456382bfa648a80010857547c309a084b62d3753396286d0ca2dcc9b35b8424b45f166c7b2f5b9f216df449d10809b3ac766a9d1486559150ed0a31
Score: 1/10
Malware Config
Signatures
- Suspicious behavior: EnumeratesProcesses (1 IoCs)
  Processes:
  - pid: 1984, process: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  Processes:
  - description: Token: SeDebugPrivilege, pid: 1984, process: 9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\9395567599cd77bffe0bdc2e0549e2e28bc6485a6f4d7c2ff4a9e48010223634.exe"
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken