Analysis
-
max time kernel
0s -
max time network
3s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
27-01-2024 01:56
Errors
Reason
Reading agent response: read tcp 10.127.0.1:53982->10.127.0.191:8000: read: connection timed out
General
-
Target
78fac0f3e40205f9a0c3feffb3ca2aa4.exe
-
Size
19KB
-
MD5
78fac0f3e40205f9a0c3feffb3ca2aa4
-
SHA1
d771e77e288a02c70b38743ef9adcca8f0373fac
-
SHA256
47fb24091a825e28bb4385f507297c087a4fabfda6ad744562a724567cb9b866
-
SHA512
5432d82f4b120b2c7c22789f383b120d68e88c367fedf84970ac237f38adafea3878fec281dff9e7c32f05a0606ccedcd6e2b56a0cb1bb16e487fad695099b5b
-
SSDEEP
384:4t8s7q2vDsbM1gMfRK6a7c+ZborbguZKfUCY4rXtYlgZ:4es7q2wbM1gMPaZUgu4fhrXGgZ
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\78fac0f3e40205f9a0c3feffb3ca2aa4.exe"C:\Users\Admin\AppData\Local\Temp\78fac0f3e40205f9a0c3feffb3ca2aa4.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken