Analysis
- max time kernel: 188s
- max time network: 198s
- platform: windows10-2004_x64
- resource: win10v2004-20221111-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 23-11-2022 18:58
Static task
static1
Behavioral task
behavioral1
Sample
de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe
Resource
win10v2004-20221111-en
General
- Target: de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe
- Size: 376KB
- MD5: 8c73ca789ea993c19b4aa98acaee2265
- SHA1: d386f4282d420042cab430924134f18c9cd9cefc
- SHA256: de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee
- SHA512: 2c866e05c4cc4a1e06d1332159c5f4a67d87fb6437229e3e6d95fa2456e58611cc047930efc960e70251f1063ff243744d88816755b1ad739e485eff75e3b4bf
- SSDEEP: 6144:Khs+TEvD/J3TF5F2uWeMGVGJlt57IoProEFmR5BtTPA:J+TQVTFeun/GJeVZPA
Malware Config
Signatures
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  Processes: de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe
  description: Token: SeDebugPrivilege
  pid: 1524
  process: de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe