Analysis
max time kernel: 149s
max time network: 146s
platform: windows10-2004_x64
resource: win10v2004-20230220-en
resource tags: arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
submitted: 05-06-2023 19:06
Behavioral task: behavioral1
Sample: xXJ5tCzlXPdY.exe
Resource: win7-20230220-en
windows7-x64
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: xXJ5tCzlXPdY.exe
Resource: win10v2004-20230220-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: xXJ5tCzlXPdY.exe
Size: 32KB
MD5: dfdf6e602a96160090c48334031a2574
SHA1: 1891fb4a8b6c3b2c8a25473f833cebea163113bb
SHA256: 257d66d9dc5b7e9cc863f241c2375e798634e1fd9e545f374fbd21535999ba13
SHA512: 56e30cac4a47c95e2ed416f0886a0157f34fdf1411fef975fdbd098c77efa7722e1b8628ff185e96f9a1a5750c937722d6e37553167639fd9344ed2670cf6ddd
SSDEEP: 384:20bUe5XB4e0XmOhmANuiEO0YaMWT7tTUFQqzFOObbL:XT9Bu1IguiEYgQbL
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (37 IoCs)
Processes: xXJ5tCzlXPdY.exe

description                         pid   process
Token: SeDebugPrivilege             1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe
Token: 33                           1924  xXJ5tCzlXPdY.exe
Token: SeIncBasePriorityPrivilege   1924  xXJ5tCzlXPdY.exe