Analysis
max time kernel: 40s
max time network: 43s
platform: windows7_x64
resource: win7-20220414-en
submitted: 21-05-2022 10:15
Static task
static1
Behavioral task
behavioral1
Sample
6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
Resource
win10-20220414-en
windows10_x64
0 signatures
0 seconds
General
Target: 6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
Size: 71KB
MD5: 5f6e646c0ccb6fe1db72d48b92fb1095
SHA1: 79a60cbb9c12284d34e561f0afe2b246be3e4cf4
SHA256: 6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e
SHA512: 93500c8f70c40ca576eb3b0b970087b3f0ab477925f6e70ee31544d7663ef2bf53da607c6f53d75c6916177a8ac8af45d7c7171fa53c80500616f344af8205ec
Score: 1/10
Malware Config
Signatures
- Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
pid | process
948 | 6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
- Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
description | pid | process
Token: SeDebugPrivilege | 948 | 6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe
"C:\Users\Admin\AppData\Local\Temp\6b33c7f2f55f0589987b58fde7a9552c21273ea07e4d593893b80d8ebc77627e.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken