Analysis
- max time kernel: 228s
- max time network: 33s
- platform: windows7_x64
- resource: win7-20221111-en
- resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
- submitted: 23-11-2022 15:48
Behavioral task
behavioral1
Sample
b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
Resource
win7-20221111-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
- Target: b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
- Size: 142KB
- MD5: 08530dbfaf7a7750d3f4e87fa98bba27
- SHA1: f3e06de9e9043ca88eb11b55a80aa404b5354791
- SHA256: b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35
- SHA512: df93e03f1dc2f61297b30db981982c1117881ccf53a66952a2115e6a4e1a406bc06823dd1bbd8df31c1c26c8eba6d80c00fd09838ef7146f915a1305372cc526
- SSDEEP: 3072:BeQYPX1Sp7+tFDZzxqE/34pEX9yjZcw7+kBeqovQ5:B+EoFDB3E8YZcw7+Weqo45
Score
1/10
Malware Config
Signatures
- Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
description | pid | process
Token: SeBackupPrivilege | 268 | b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
Token: SeRestorePrivilege | 268 | b84e82c88865a13df6a16bffbc94f3204f4dba1aedb7f285781a9b1867208f35.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/268-54-0x0000000074ED1000-0x0000000074ED3000-memory.dmp
  Filesize: 8KB