Analysis
-
max time kernel
267s -
max time network
326s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
24-11-2022 02:30
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
Resource
win7-20221111-en
windows7-x64
14 signatures
150 seconds
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
-
Size
444KB
-
MD5
cd2f268903f9f40e2daa1c867cd814e9
-
SHA1
a84269aef1bbe3ee773501514676031f85bca7cd
-
SHA256
cacae6414253adb53f45fdde77f42642cd773f2eb6061c2dbc9a2abbf095b90a
-
SHA512
3ae4370a20b099e322308bee9476d94cfbe97110ebc6d3fe805fef83c6d90ece17b1d4cdde5d9409a7dd24cd75b7773725aa331359b4fd6f777a0d75ae03fa91
-
SSDEEP
12288:RP37aKSQW3KDZ8Wi5jWGvJdUIM/assGkwFPB7OIgcA9KqFl:J7aKS7n5/pBzLoPB7OrcWLj
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exedescription pid process Token: SeDebugPrivilege 2620 SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.TrojanX-gen.12769.19216.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"2⤵