Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
23-05-2024 02:43
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
Resource
win7-20240215-en
windows7-x64
2 signatures
150 seconds
General
-
Target
c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
-
Size
1.4MB
-
MD5
84395028d6ae73d10c222b94897cb21d
-
SHA1
5ab370deda61e74406ea3545fd78094d55a729ff
-
SHA256
c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c
-
SHA512
3c8f1e9b393ce82c2cb0c61808f8b6fe014f9d19768b64692317cdab0dbe87c6f542b23bf0896b53f5cfec92fcc386d24d5ee1805263f13bedbf38d41ac05249
-
SSDEEP
24576:hAnARmRsDwJxmjkbl0fitGbna8FLk2m1X2D4brr:hXmRsDwHmjkblI7a8K2mFhbrr
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
Processes:
c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
process: c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
description: Token: SeTakeOwnershipPrivilege
pid: 3000
process: c37db129d14df0ae03344f534d2e53543d3d0f53286254e9359c6dd4b576562c.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/3000-0-0x0000000000400000-0x000000000060B000-memory.dmp
Filesize
2.0MB
-
memory/3000-1-0x0000000000610000-0x0000000000677000-memory.dmp
Filesize
412KB
-
memory/3000-7-0x0000000000610000-0x0000000000677000-memory.dmp
Filesize
412KB
-
memory/3000-11-0x0000000000400000-0x000000000060B000-memory.dmp
Filesize
2.0MB