Analysis
max time kernel
58s
max time network
79s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags
arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted
24-02-2023 13:15
Behavioral task
behavioral1
Sample
0bedfe8ac63a740e05a85ed446f4adeb.exe
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
0bedfe8ac63a740e05a85ed446f4adeb.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
2 signatures
150 seconds
General
Target
0bedfe8ac63a740e05a85ed446f4adeb.exe
Size
87KB
MD5
0bedfe8ac63a740e05a85ed446f4adeb
SHA1
93a94ba8081f4287ea2a45b19ef5e8c829d1b3d4
SHA256
1de4ab70519cb3e55ee44410bf6f513751d9005f5d8921ee3257c20f0b82b1d8
SHA512
baea055f6ab7bf71dfc4e4ba3f60297fd6d2618ee7bbb5b8b2b3695b7b2aca267e8b248ece4a6bf1b601716af19eb9c7929e0d8ff63928f18dbb234910ce1dcf
SSDEEP
1536:5DTPKDyW5lvrtxfyZ7V9N4INCxVnA2rbxM3pf7IO6CFQ0:RjS5bE7PWvy64
Score
1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 4 IoCs
Processes:
0bedfe8ac63a740e05a85ed446f4adeb.exe
pid process
2944 0bedfe8ac63a740e05a85ed446f4adeb.exe
2944 0bedfe8ac63a740e05a85ed446f4adeb.exe
2944 0bedfe8ac63a740e05a85ed446f4adeb.exe
2944 0bedfe8ac63a740e05a85ed446f4adeb.exe
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
0bedfe8ac63a740e05a85ed446f4adeb.exe
description pid process
Token: SeDebugPrivilege 2944 0bedfe8ac63a740e05a85ed446f4adeb.exe
Token: SeDebugPrivilege 2944 0bedfe8ac63a740e05a85ed446f4adeb.exe