Analysis
max time kernel: 151s
max time network: 153s
platform: windows7_x64
resource: win7-20220414-en
submitted: 13-07-2022 20:09
Static task: static1

Behavioral task: behavioral1
Sample: c3dc5d22fb3d36e7e228089398815e48.exe
Resource: win7-20220414-en (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: c3dc5d22fb3d36e7e228089398815e48.exe
Resource: win10v2004-20220414-en (windows10-2004_x64)
0 signatures, 0 seconds
General
Target: c3dc5d22fb3d36e7e228089398815e48.exe
Size: 18KB
MD5: c3dc5d22fb3d36e7e228089398815e48
SHA1: 4105b4bc7c6b368fe73a3d378fd669a6327f93b1
SHA256: f96220adfda74917e800824560af98aa531b4c38f141ebb2582fe9925309814b
SHA512: bb37c86ba694524f53905b21b80e0aa969c101954a9f773953f98368c115233549e284c1505c8e781bb44c49972a9fcce652fe6bf48f3b6ac5b6273f4d37c599
Score: 6/10
Malware Config
Signatures

Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: c3dc5d22fb3d36e7e228089398815e48.exe
description | pid | process
Token: SeDebugPrivilege | 960 | c3dc5d22fb3d36e7e228089398815e48.exe