Overview
overview
10Static
static
101060/0763d...ac.exe
windows7-x64
101060/0763d...ac.exe
windows10-2004-x64
101060/2b2bd...38.exe
windows7-x64
11060/2b2bd...38.exe
windows10-2004-x64
81060/2c062...34.exe
windows7-x64
61060/2c062...34.exe
windows10-2004-x64
61060/364fb...ba.exe
windows7-x64
11060/364fb...ba.exe
windows10-2004-x64
11060/a4c4f...4b.exe
windows7-x64
101060/a4c4f...4b.exe
windows10-2004-x64
101060/a50ef...ab.exe
windows7-x64
11060/a50ef...ab.exe
windows10-2004-x64
11060/a5d4b...16.exe
windows7-x64
11060/a5d4b...16.exe
windows10-2004-x64
11060/d71d4...2a.exe
windows7-x64
31060/d71d4...2a.exe
windows10-2004-x64
11060/eb417...9c.exe
windows7-x64
101060/eb417...9c.exe
windows10-2004-x64
10Analysis
-
max time kernel
147s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system -
submitted
17/01/2023, 10:35
Behavioral task
behavioral1
Sample
1060/0763daa2ef0dfb890d90bfd3f21e7a4252fb5c30a51e49904344a36012a79bac.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1060/0763daa2ef0dfb890d90bfd3f21e7a4252fb5c30a51e49904344a36012a79bac.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
1060/2b2bd717ef276aa3be519cb31fb4e498bb10242e110892bde18e28174bee5538.exe
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
1060/2b2bd717ef276aa3be519cb31fb4e498bb10242e110892bde18e28174bee5538.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
1060/2c062e6674533b55f8fbcb316674ecd2a1ce8f71dacb55a2cebe248fc7445334.exe
Resource
win7-20220901-en
Behavioral task
behavioral6
Sample
1060/2c062e6674533b55f8fbcb316674ecd2a1ce8f71dacb55a2cebe248fc7445334.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
1060/364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe
Resource
win7-20221111-en
Behavioral task
behavioral8
Sample
1060/364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral9
Sample
1060/a4c4feb3d6679413553f96ab310e0a6d62f56a84b252a22d9d406f39cea5ea4b.exe
Resource
win7-20221111-en
Behavioral task
behavioral10
Sample
1060/a4c4feb3d6679413553f96ab310e0a6d62f56a84b252a22d9d406f39cea5ea4b.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral11
Sample
1060/a50efe1f4ff14d891c56d3d15d60954945d3cfdac28d893ea14806ab17a147ab.exe
Resource
win7-20220812-en
Behavioral task
behavioral12
Sample
1060/a50efe1f4ff14d891c56d3d15d60954945d3cfdac28d893ea14806ab17a147ab.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral13
Sample
1060/a5d4bab6184ba63aedcdbcb97666630f2b134de4a39ac0bcbcfe37b7a21b6416.exe
Resource
win7-20221111-en
Behavioral task
behavioral14
Sample
1060/a5d4bab6184ba63aedcdbcb97666630f2b134de4a39ac0bcbcfe37b7a21b6416.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral15
Sample
1060/d71d4f7a18e93069f0ad7c6631f49e122710fd4c66e4e91aa8c7c03dd4bc0d2a.exe
Resource
win7-20220812-en
Behavioral task
behavioral16
Sample
1060/d71d4f7a18e93069f0ad7c6631f49e122710fd4c66e4e91aa8c7c03dd4bc0d2a.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral17
Sample
1060/eb417ff8f23a6f69a05e39264cccd83c38e44cbdf4e90c5a6455800eb3d9c09c.exe
Resource
win7-20220901-en
Behavioral task
behavioral18
Sample
1060/eb417ff8f23a6f69a05e39264cccd83c38e44cbdf4e90c5a6455800eb3d9c09c.exe
Resource
win10v2004-20221111-en
General
-
Target
1060/364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe
-
Size
1.1MB
-
MD5
e02aebe02cc62bd5646b4aa5edf81bfe
-
SHA1
290862deb1558c162725b2ef54e00491dbcf26ff
-
SHA256
364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba
-
SHA512
37dea18852bfaf65e4b29ce4e060b49a5ccee2fbaaaf8866e028e4d0aff65dc36d2452778fa455804515b23759aeb5bbe798187f468298d1e117a27a38c22415
-
SSDEEP
24576:4/W2+w7fZm2JSUpB+I/gmwqLY9HK9UnXW3ar9zd2R:4/W2+SfW061m
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 2008 364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2008 364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\1060\364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe"C:\Users\Admin\AppData\Local\Temp\1060\364fb9545112672897e074456abf73a6031b313b2939d8eecec0813a5f096dba.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2008