Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 07-04-2024 22:58
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe
Resource
win7-20240215-en
2 signatures
150 seconds
General
Target: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe
Size: 705KB
MD5: d62bafb7c6bc93c0e628a1c5d508850a
SHA1: df5b7abe638d4a52c8b5f797d368f5deb64ee40a
SHA256: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc
SHA512: 010cc3a5073f66328e6ce118c1b444bf0fa267a0c0c4fe369d103bdc8a33bf6255601fe2cd57cce965e149275a04213b62eee99173a299637fd6bfaffcff8d7c
SSDEEP: 12288:vW9B+VoGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPhe:vW9BCt/sBlDqgZQd6XKtiMJYiPUe
Score: 5/10
Malware Config
Signatures
Drops file in System32 directory
1 IoCs
Processes: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
process: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe

Suspicious use of AdjustPrivilegeToken
1 IoCs
Processes: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe
description: Token: SeTakeOwnershipPrivilege
pid: 2740
process: d15bb8084b67588a9e298fb6b6766786f7c80cb01f1d3018172781424a99a5bc.exe