Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system -
submitted
29-01-2023 19:29
Static task
static1
Behavioral task
behavioral1
Sample
5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe
Resource
win10v2004-20221111-en
General
-
Target
5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe
-
Size
2.0MB
-
MD5
9f6db8aa43ccb18c8252f57b5b0268cf
-
SHA1
01c573bede38b1aa8941399c8f9dc9a98ef875b0
-
SHA256
5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9
-
SHA512
30f86c857a0028739ef45ea68bf2af6e4cad9e8910e7fec3ad527bf70b3aab504575298643c2092cfb2038cb7237759c45265750af7d83332bdd5edddbfc8d4d
-
SSDEEP
24576:NTGaRYQw6hNNpH05r8tLYXFkHMpg4JW1xXeMWrJPQTnKapyODtimr:N/TkLkeg4w/XYP0nrftiw
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exedescription pid process Token: SeDebugPrivilege 1996 5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe