Analysis
max time kernel
47s
max time network
51s
platform
windows7_x64
resource
win7-20220901-en
resource tags
arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system
submitted
24-09-2022 22:19
Static task
static1
Behavioral task
behavioral1
Sample
5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
Resource
win10-20220812-en
General
Target
5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
Size
56KB
MD5
2ccf48338071a18c1a7377bf30831c8c
SHA1
31acd7880c6c73fe496574d082cb3a35ab1086f0
SHA256
5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718
SHA512
d17c486cd6ba7d66e1fb2e74e6316c61dd2c999a2dfbcb4628966ed7c6afe70d29dc43da450063b4ba046582d420ff0fc8a3a0d9da114a2536739d463a59c75d
SSDEEP
768:5d/ENsRzJS7M6Yh3VaXBM6oeeNfHR0aaCWnhxbgT88KeebHaqQRMJx3M:EeeM6Yho/oeentaCWLbgozOqQ48
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
pid: 1720
process: 5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
description: Token: SeDebugPrivilege
pid: 1720
process: 5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
Processes
C:\Users\Admin\AppData\Local\Temp\5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe
"C:\Users\Admin\AppData\Local\Temp\5a2bd9fbb6c7cfde9dbdd52697478996129a8e7cd580f094afe747941d259718.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken