Analysis
-
max time kernel
127s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20230703-en locale:en-us os:windows10-2004-x64 system -
submitted
17/08/2023, 19:44
Static task
static1
Behavioral task
behavioral1
Sample
88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
Resource
win10v2004-20230703-en
General
-
Target
88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
-
Size
4.5MB
-
MD5
f060b2b7088f93c5071a5c6cfd5cda68
-
SHA1
d5093a44b35815caf873eeefcd9cdc998e4f0241
-
SHA256
88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49
-
SHA512
f67a3b8aa448d99abf5538f1f4375561d238d32ed50ad51a1bf5705e10a33af959a0777504ad132e21fe2d02dd098b73bfdd9a8fbb176897c8e14c98da494e90
-
SSDEEP
98304:OwECeCUxUPgs4+HUGLx+R0mCgQnKM6OpYWIzNEqPi2vJtur64aS4C/0kwA3RO6q2:OwECwu4KhQ0mCgQKGY/xiMJtur64anoF
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
description | pid | Process
Token: SeDebugPrivilege | 4664 | 88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid | Process
4664 | 88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
4664 | 88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe
"C:\Users\Admin\AppData\Local\Temp\88e6a220e6cd0f70640af513309b0090d589ad18dd06f4b9ea9c65df484abd49.exe"
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4664