Analysis
-
max time kernel
45s -
max time network
50s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system -
submitted
10-02-2023 19:26
Behavioral task
behavioral1
Sample
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe
Resource
win7-20220901-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe
-
Size
34KB
-
MD5
2a697ec6e55a50d8ac0e6fba07bff485
-
SHA1
61ffcaa462c071cd8d14ecbd3bc417504b4b6ce7
-
SHA256
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5
-
SHA512
1c1d1c59e18a422159f14a0052ae67b7e006a3ddff57f8cae4f55afcd4f9b07142f0dee346ea39fc744211f442e2e6b604d4259fc647e27b0fbc24bfaeb63f6e
-
SSDEEP
768:M/nNFW9zlq/COCKOZAK7sipWQGFxRbPrSrbLy8KMVDi:MVq0/CPKOZAL+WQsOrbBV+
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exedescription pid process Token: SeDebugPrivilege 1464 7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe Token: SeDebugPrivilege 1464 7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exepid process 1464 7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe"C:\Users\Admin\AppData\Local\Temp\7703d0315fd908461189b7619c82e1e9fe1598b6b1338d209998fb34f0d9acf5.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1464