Analysis
-
max time kernel
169s -
max time network
206s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
02-12-2022 15:56
Static task
static1
Behavioral task
behavioral1
Sample
$RECYCLE.BIN/$I2M8ZT6.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
$RECYCLE.BIN/$I2M8ZT6.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
$RECYCLE.BIN/$R2M8ZT6.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
$RECYCLE.BIN/$R2M8ZT6.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
67_03_635_PDF.exe
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
67_03_635_PDF.exe
Resource
win10v2004-20220901-en
General
-
Target
67_03_635_PDF.exe
-
Size
3.0MB
-
MD5
147c968922ab4d76d5b63ea9514bff69
-
SHA1
4ea9cf1c7703e3f0ed5a7be291dc27b44230d771
-
SHA256
7b384d4cad84fa53ded2466e2600f2658b85f66d7155cf4895d1f81810c82ca5
-
SHA512
2f7146db39f13edd8ff10aebaa554366fcf33754521b25d29e354bfb4e29f9f2b22438a847f3c52b736791237191214e718bd8b361dcd6b2b8ccecdcebdd2391
-
SSDEEP
98304:y81XfekfvDqec/kf3MuR38VDRkB00XWz+pGi:y8ZWQOLsf52V1k+0I
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
67_03_635_PDF.exedescription pid process Token: SeDebugPrivilege 2040 67_03_635_PDF.exe