Analysis
max time kernel: 150s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 15-03-2024 23:54
Static task: static1

Behavioral task: behavioral1
Sample: cc935f0b03156b145cb858a151519217.exe
Resource: win7-20231129-en, windows7-x64
1 signatures, 150 seconds

Behavioral task: behavioral2
Sample: cc935f0b03156b145cb858a151519217.exe
Resource: win10v2004-20240226-en, windows10-2004-x64
2 signatures, 150 seconds
General
Target: cc935f0b03156b145cb858a151519217.exe
Size: 7KB
MD5: cc935f0b03156b145cb858a151519217
SHA1: 494e4f4f576f9dbf5b766bfcd007346d04128097
SHA256: 883c1d12c67b81f638bdef2b8923aed61c6b62caa3ef910aa87498c8e88f8f3e
SHA512: 6e61fb85881cf0ff0f0bcb43784a7769d59ff80365efc9d4e306ca1caa50c78ed1ae2a58e4a2c22fb49b14ad241ffe3cdea1f034f80c3219091eca289eaaf27a
SSDEEP: 192:4/LqvhUdKK76+dSEyncjWOITu32dgy8Qdpk1bPDD:QLwWdKK76+dGn3TtIQo1bn
Score: 1/10
Malware Config
Signatures
Suspicious behavior: LoadsDriver 46 IoCs
Suspicious use of AdjustPrivilegeToken 1 IoCs
description                        pid   Process
Token: SeTakeOwnershipPrivilege    1844  cc935f0b03156b145cb858a151519217.exe