Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
submitted: 26/12/2023, 02:16
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
4c15f64e7b667dda01e42fd3197e5238.exe
Resource
win7-20231129-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
4c15f64e7b667dda01e42fd3197e5238.exe
Resource
win10v2004-20231222-en
2 signatures
150 seconds
General
Target: 4c15f64e7b667dda01e42fd3197e5238.exe
Size: 176KB
MD5: 4c15f64e7b667dda01e42fd3197e5238
SHA1: 8ff70498303305781eb89fdd3d206eeead49e4c0
SHA256: 07e306377ac08db06bd96839df55ff0179dd22f4132a30d6d930fa476e4cf1b9
SHA512: 0a2c22c6d80cd584291db6d1c66f5683de6774a149ccdfbea794008a74d8bda164a2e3dda961c2c7f61b5004b1051fb84a19f8e3b606a2567b8bdc2694ff5b3b
SSDEEP: 1536:tlabv9w5dA0KrBeW1ldNNQL+HUznXsd0Jeisia/J0h+K7pFVNCl0vKF5k:tMD9udA0tW1Hieis96h+ypFVgl0vKFy
Score
1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 1 IoCs
description    pid    Process
Token: SeDebugPrivilege    3020    4c15f64e7b667dda01e42fd3197e5238.exe
Suspicious use of SetWindowsHookEx 4 IoCs
pid    Process
3020    4c15f64e7b667dda01e42fd3197e5238.exe
3020    4c15f64e7b667dda01e42fd3197e5238.exe
3020    4c15f64e7b667dda01e42fd3197e5238.exe
3020    4c15f64e7b667dda01e42fd3197e5238.exe