Analysis
Max time kernel: 121s
Max time network: 125s
Platform: windows7_x64
Resource: win7-20230712-en
Resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
Submitted: 27-08-2023 11:33

Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: 85abef10269eddb8818c222fab6257c5f4d6c11ea2b0667b16d07b575ea2269d.exe
Resource: win7-20230712-en (windows7-x64)
2 signatures
150 seconds
General
Target: 85abef10269eddb8818c222fab6257c5f4d6c11ea2b0667b16d07b575ea2269d.exe
Size: 1.5MB
MD5: 86ade85c8da7e31c88bfa55152c6be68
SHA1: 421c3cf51b531668d5c2064204c5191196537632
SHA256: 85abef10269eddb8818c222fab6257c5f4d6c11ea2b0667b16d07b575ea2269d
SHA512: fcebf2d0285b4895785e64b63d8b2a6cdc7bcba4b2073324bfd1d9a564bfbf1f8abad3e14c5fdf37930d17f0697fc68cb995f8f6bfdf42cf3d9c0c0939701951
SSDEEP: 24576:Lpw2lV8QzZOxtNIxFaZDRLJ2oslgZSVg:1wMV8qkmAzJ2EZ
Score: 5/10
Malware Config
Signatures

Drops file in System32 directory (1 IoCs)
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
Process: 85abef10269eddb8818c222fab6257c5f4d6c11ea2b0667b16d07b575ea2269d.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
description: Token: SeTakeOwnershipPrivilege
pid: 1712
Process: 85abef10269eddb8818c222fab6257c5f4d6c11ea2b0667b16d07b575ea2269d.exe