Analysis
-
max time kernel
150s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system -
submitted
22-09-2023 06:15
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe
Resource
win7-20230831-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe
-
Size
904KB
-
MD5
2614bb5963fc99bbb63d40d0004c4fea
-
SHA1
c051e5aaee2b1e18b88908f646c2ffa672fc6ba0
-
SHA256
dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5
-
SHA512
74bf13b6618e85458667594dd3fd13a6196c29b642f9ab0b2df09f7923e6bedc0023c56cf9b2eea5a054b5986033b9878a7a4ca358f28a79e89f12dcc3e48145
-
SSDEEP
12288:GULSPnFlUeo30sL4eM2q92B5XbH9bUdnKkyDn+Co:GULS92ks8eKe5rH1UdnK/Dn+Co
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe 3104 dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe"C:\Users\Admin\AppData\Local\Temp\dd9b9feda82c4a9d0dea7c8498c8ca9548cf1980c3f5ac132fd00e756cdb32c5.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:3104