Analysis
-
max time kernel
28s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
23-02-2023 19:22
Behavioral task
behavioral1
Sample
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe
Resource
win7-20230220-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe
Resource
win10v2004-20230220-en
2 signatures
150 seconds
General
-
Target
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe
-
Size
34KB
-
MD5
de6a222b4e584fabe9d6ce3809b99533
-
SHA1
520564d30def23be8eea405c718ec4ce40575976
-
SHA256
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2
-
SHA512
93d89a07d9f5c843368dcf36365272ffb6f6c7694d8b75a37f4c9bc2118718b3be56270921a695b2f1e2903d0ed1d5fc239f8a33487ce5a9a3b00a9e75b6ae28
-
SSDEEP
768:M/nNFW9zlq/COCKOZAK7sipWQGFxRbPrSrbLy8KMVDi:MVq0/CPKOZAL+WQsOrbBV+
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exedescription pid process Token: SeDebugPrivilege 1760 d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe Token: SeDebugPrivilege 1760 d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exepid process 1760 d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe"C:\Users\Admin\AppData\Local\Temp\d83c4d375465503f3b5acb9351a69bdcadc9446862fa955ecdddbe2e24f3dee2.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx