Analysis
max time kernel: 150s
max time network: 153s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
submitted: 19/07/2023, 06:23
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: Kkoetzuo.exe
Resource: win7-20230712-en
2 signatures
150 seconds

Behavioral task: behavioral2
Sample: Kkoetzuo.exe
Resource: win10v2004-20230703-en
9 signatures
150 seconds
General
Target: Kkoetzuo.exe
Size: 745KB
MD5: d0fea0443b598ea2060e7ad1fb4c5b8e
SHA1: bed77ada64b77184047eff265b75bd71f8136f41
SHA256: 6894f623dddd03e3be59b6785c21962cf71686a215e2db68f83f621b01afa7ef
SHA512: c6e73a7ba6c713e286a45f2b34dd6eb84e0226b57045175449a4460fc622d791bd1ce781da0ffe296385decfaeb1550da2700604223a43022dd3cabc4fb9543f
SSDEEP: 12288:SNnRIRp4ejE8krkBs5Omc1sth2pC+Fnsga0GcxgE/2:KYJkrkY41sthGGc1/
Score: 9/10
Malware Config
Signatures

Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.

Suspicious use of AdjustPrivilegeToken (1 IoCs)
description                pid    Process
Token: SeDebugPrivilege    2660   Kkoetzuo.exe