Analysis
max time kernel: 150s
max time network: 125s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64 arch:x86 image:win7-20230712-en locale:en-us os:windows7-x64 system
submitted: 11/08/2023, 19:49
Behavioral task: behavioral1
Sample: xzr8LT5enhh7.exe
Resource: win7-20230712-en
1 signatures, 150 seconds

Behavioral task: behavioral2
Sample: xzr8LT5enhh7.exe
Resource: win10v2004-20230703-en
1 signatures, 150 seconds
General
Target: xzr8LT5enhh7.exe
Size: 32KB
MD5: 3a5e863fd340ed83d844839092a57716
SHA1: 331c9bb86b83200609aa4b6d36ce9f30270bb123
SHA256: db09709a85d82075be16e8b4810d04a14dc478d720dd8f5680d32d8afd02f3cc
SHA512: 055a54cf506ede5caa25bc9f85e705f482b41e223688988e164ac6e459aab99d8055de93b8cf2465926b916488c64913c972b24146f13cfab06c1f820b84573c
SSDEEP: 384:a0bUe5XB4e0XypOjfmiaXLilpknDzWTPtTUFQqz9RObb7:DT9BunjtaXWlNLb7
Score: 1/10
Malware Config

Signatures
Suspicious use of AdjustPrivilegeToken (35 IoCs)

description                          pid   Process
Token: SeDebugPrivilege              1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe
Token: 33                            1708  xzr8LT5enhh7.exe
Token: SeIncBasePriorityPrivilege    1708  xzr8LT5enhh7.exe