Analysis
-
max time kernel
150s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20220715-en -
resource tags
arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system -
submitted
21-07-2022 20:01
Static task
static1
Behavioral task
behavioral1
Sample
1e01768f0a3e21c651b9912b7a1ffec3.exe
Resource
win7-20220715-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
1e01768f0a3e21c651b9912b7a1ffec3.exe
Resource
win10v2004-20220721-en
windows10-2004-x64
12 signatures
150 seconds
General
-
Target
1e01768f0a3e21c651b9912b7a1ffec3.exe
-
Size
1.3MB
-
MD5
1e01768f0a3e21c651b9912b7a1ffec3
-
SHA1
a685a29f95387428ce598fca8453b391ab8f2865
-
SHA256
6c86e7498865533229e0d51d8d0cf928e9bf129958e18ffe73b97410ca0589a8
-
SHA512
0606e6c8023cf21156fc9b72458d5b953454099c864e147136fb73e08d6bd4a7d81b3fc0f1f9caa82b9262f1503e3b2d7345e81974a52fd1f6413f8f4c64ca0b
Score
6/10
Malware Config
Signatures
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
1e01768f0a3e21c651b9912b7a1ffec3.exedescription pid process Token: SeDebugPrivilege 1896 1e01768f0a3e21c651b9912b7a1ffec3.exe