9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f

Analysis

max time kernel
100s
max time network
43s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
01-12-2022 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
Size

2.5MB
MD5

77b718ccc3c2ef9fbe929e8bfc830511
SHA1

eb45386faa26acc726571f2e01785e163351088a
SHA256

9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f
SHA512

10bc6cb8343fa9c85bca997d8f529b6be56937aac68dcc2cb7a827436528c2c62ca7d864e1493d9937a25715ec5c2f6910b101b2f34aed32d0d35ae5313b9fe7
SSDEEP

49152:37E8gEPBe7frb/TGvO90d7HjmAFd4A64nsfJtemkqWhwACyMp11Ygl0JJzqOWIb3:+dUqxko

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 27 IoCs

Processes:

9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe

pid	process
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe

description pid process

Token: SeDebugPrivilege 1612 9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe

description	pid	process
Token: SeDebugPrivilege	1612	9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe

C:\Users\Admin\AppData\Local\Temp\9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe
"C:\Users\Admin\AppData\Local\Temp\9c6e24fc8ef72b712da7fbb54f85779bdebe2457f3a4e3a1bf6643dc7494b34f.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1612

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads