07ad8cbbe28f2a09d778dce5d60175a7296da2bbd90ae2a6868605d236ad4ee3

Analysis

max time kernel
119s
max time network
147s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
04/11/2023, 19:19

Target

NEAS.00c5c0333a320f615dfd30037a21bee0_JC.exe
Size

691KB
MD5

00c5c0333a320f615dfd30037a21bee0
SHA1

62526a604896d885cb1bc92f2f900664e6ab9237
SHA256

07ad8cbbe28f2a09d778dce5d60175a7296da2bbd90ae2a6868605d236ad4ee3
SHA512

29a3252912246417a9a8acfbee1c9e65055378e48a2b99e5338962c262a2e8da73d75fd871e474ae55b07913d274eace682fd0f3dce14358b00239a4e42b42ff
SSDEEP

12288:ewXAwh+VqKNdQ8yRK6rkObwsToHOOWGgqvoEWH/lInNg4JYU5a0Cuxy:5Qwh+VqIi2lObXobHAEW9INFJY0au

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	NEAS.00c5c0333a320f615dfd30037a21bee0_JC.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2704	NEAS.00c5c0333a320f615dfd30037a21bee0_JC.exe

memory/2704-0-0x0000000140000000-0x00000001400B2000-memory.dmp

Filesize
712KB

Download
memory/2704-1-0x00000000002B0000-0x0000000000310000-memory.dmp

Filesize
384KB

Download
memory/2704-7-0x00000000002B0000-0x0000000000310000-memory.dmp

Filesize
384KB

Download
memory/2704-8-0x00000000002B0000-0x0000000000310000-memory.dmp

Filesize
384KB

Download
memory/2704-10-0x00000000002B0000-0x0000000000310000-memory.dmp

Filesize
384KB

Download
memory/2704-12-0x0000000140000000-0x00000001400B2000-memory.dmp

Filesize
712KB

Download