Analysis
-
max time kernel
150s -
max time network
178s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
07/12/2022, 02:23
General
-
Target
bc0368488505de5a217ff5b047e70a1788555e8c69fb00132a35f04e8bec9fb0.exe
-
Size
1.5MB
-
MD5
2b7f0ed3cf72f48c1a4f355db463fda4
-
SHA1
9331a8bbf01f4500cf4b8e547cd6b3d7c806d9b3
-
SHA256
bc0368488505de5a217ff5b047e70a1788555e8c69fb00132a35f04e8bec9fb0
-
SHA512
44d65a52b35086caa9df946f78e87f1ab5b0d2e899f489166083423874b02a630078418be9fe6bb130626c6fe1306d5873bf271d726704e35d632a81f760c8a1
-
SSDEEP
49152:kdqHXZ2oF4VMI/By12HHAQBHz6M8dcoZPaGxG:PHXZLF4Vbyw1kdcML8
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bc0368488505de5a217ff5b047e70a1788555e8c69fb00132a35f04e8bec9fb0.exe"C:\Users\Admin\AppData\Local\Temp\bc0368488505de5a217ff5b047e70a1788555e8c69fb00132a35f04e8bec9fb0.exe"1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x308 0x4981⤵
- Suspicious use of AdjustPrivilegeToken