Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
14-03-2024 01:41
Static task
static1
Behavioral task
behavioral1
Sample
c75d07d3055f80498c650e6d9e1c6039.exe
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
General
-
Target
c75d07d3055f80498c650e6d9e1c6039.exe
-
Size
1.0MB
-
MD5
c75d07d3055f80498c650e6d9e1c6039
-
SHA1
a29b57770ee0ae312ec0773765e1fceff5203104
-
SHA256
6e7df11f016b14bd88995dcf0ebeb30ffc1d33b08ebbc0aa26476232f6bc9db3
-
SHA512
b24c0a6b3101c22eefe1f8eb0ead444c3ba49d3bc8ec2ae95ef5d97be2c17986bd57bbf207e12163a37416332a2f253c59fa33b1229a14985fd844729ffa9af3
-
SSDEEP
24576:hfQYosxhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRt+Gu:/o54clgLH+tkWJ0Nbu
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 2 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
flow ioc 2 api.ipify.org 3 api.ipify.org -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 3040 c75d07d3055f80498c650e6d9e1c6039.exe