Resubmissions
09-03-2023 03:48 | 230309-ecttxsad62 | 10
27-09-2022 00:13 | 220927-ahr53adchr | 10
20-06-2022 00:12 | 220620-ag7jcsbbc2 | 10
17-04-2022 22:07 | 220417-11wjbachfl | 10
21-12-2020 07:48 | 201221-ynmnr7c9la | 10
21-12-2020 06:38 | 201221-d18mx5drca | 10
Analysis
max time kernel: 141s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 27-09-2022 00:13
Behavioral task: behavioral1
Sample: 4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb.exe
Resource: win10-20220812-en
Behavioral task: behavioral2
Sample: 4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb.exe
Resource: win10v2004-20220812-en
General
Target: 4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb.exe
Size: 138KB
MD5: 8d3a5bf287aa12434710cd33c0b3f1c2
SHA1: db84020c45bebf2f71a335b1715d1d6dd6af24fe
SHA256: 4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb
SHA512: 821b35d4b871ead5d6e405fe17435ce5a5739c31f87b520dfc054ea2b17a11a5890860978842bf7cc68622c39ea12eaec596e2a0a4e9a181a56a9d1f8fd77dd0
SSDEEP: 3072:miVBXpXMrQ3zgi7VcpuJT8SojxuArQLNXvLiJR+XCAhZ:miar6zgihcpiroVuArQLNXvLO2d
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken: 1 IoCs
Processes:
4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb.exe
description | pid | process
Token: SeDebugPrivilege | 5072 | 4ea9d70cc742f466a01bf1405a8f2682fff7691c5fc16a3f3512fd8cf64991bb.exe