Analysis
max time kernel: 144s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted: 29-01-2023 21:29
Static task
static1
Behavioral task
behavioral1
Sample
216163ce632f77b9cf1885f16d11528f3119ae6ce1abdafb65f4cc3886ba0206.exe
Resource
win7-20221111-en
windows7-x64
3 signatures
150 seconds
General
Target: 216163ce632f77b9cf1885f16d11528f3119ae6ce1abdafb65f4cc3886ba0206.exe
Size: 232KB
MD5: 157a62a917a00151ff2b187cbd2b9db7
SHA1: efb014f13ebca69140a45b437baf4af47841fdc3
SHA256: 216163ce632f77b9cf1885f16d11528f3119ae6ce1abdafb65f4cc3886ba0206
SHA512: ed55d1b099191f197f14d1d161d4288cf1342bc9e015b79370c738b8d7de90bf946c24aa3566d4b89a331a0cb0d12e29e807c21309b9809201b06ca9b49ae7a2
SSDEEP: 6144:N/Y4jpzi87wnTqo+4MhCgc1A/my31Y0Loxc:/pu8cpt29UA/myFB
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: 216163ce632f77b9cf1885f16d11528f3119ae6ce1abdafb65f4cc3886ba0206.exe
description: Token: SeDebugPrivilege
pid: 2212
process: 216163ce632f77b9cf1885f16d11528f3119ae6ce1abdafb65f4cc3886ba0206.exe