757b89f70e40ef357322ee86a923ea49696e4413919f7971091b35c4c0a2f0f6

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
17/04/2024, 05:22

Target

757b89f70e40ef357322ee86a923ea49696e4413919f7971091b35c4c0a2f0f6.exe
Size

705KB
MD5

955e4a810e5a844ea9401a7a794e5e99
SHA1

6a42f3e90b5bd73fe031376aca0c83cb03809dc6
SHA256

757b89f70e40ef357322ee86a923ea49696e4413919f7971091b35c4c0a2f0f6
SHA512

def7517e895a94d20e65207b72eb08a4e7daa08df5c2063992db74682f05ed39cffc964be813026707e5f9efb6da8d1b0e01ffe6942ae91140d87679c74df637
SSDEEP

12288:NW9B+Vt3Dbif4YAJ93y1NrLiLtJ8nBxu7DCOzRq8DvQgqAbhI:NW9BOHofe3y1sInB2COzRq8DvFqt

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	757b89f70e40ef357322ee86a923ea49696e4413919f7971091b35c4c0a2f0f6.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	1696	757b89f70e40ef357322ee86a923ea49696e4413919f7971091b35c4c0a2f0f6.exe

memory/1696-0-0x00000000004C0000-0x0000000000527000-memory.dmp

Filesize
412KB

Download
memory/1696-1-0x0000000000400000-0x00000000004B5000-memory.dmp

Filesize
724KB

Download
memory/1696-6-0x00000000004C0000-0x0000000000527000-memory.dmp

Filesize
412KB

Download
memory/1696-10-0x0000000000400000-0x00000000004B5000-memory.dmp

Filesize
724KB

Download