b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc

Analysis

max time kernel
43s
max time network
50s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
22/09/2022, 08:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
Size

3.0MB
MD5

9950576bf5901eced135674d24f04151
SHA1

8f615582b90ef0160065b810a75092d3401583b3
SHA256

b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc
SHA512

3d881f9482cfd8bde994d8eb2a4a83acb7015c69593ca86747f60c41928caf584b388877f35f2362ea706bba4c315e161a346103e2cf5693494b653c3fbd1793
SSDEEP

49152:509ZamqM3WIrb/TAvO90d7HjmAFd4A64nsfJXtCQg/6xnnmD1v3s23FMow0b3Zwu:Y3x4t3SowmKGD/p

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 29 IoCs

pid	Process
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1980	b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe

C:\Users\Admin\AppData\Local\Temp\b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe
"C:\Users\Admin\AppData\Local\Temp\b36b5bcd10e0b17cfdf73ba82b7847059b9e16cee4d91377b2c77083f2551fbc.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1980

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads