Analysis
-
max time kernel
140s -
max time network
136s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
02/06/2024, 01:08
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5b9e2e722be0fb53da7bf5cde3dd9489.exe
Resource
win7-20240419-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
5b9e2e722be0fb53da7bf5cde3dd9489.exe
Resource
win10v2004-20240508-en
2 signatures
150 seconds
General
-
Target
5b9e2e722be0fb53da7bf5cde3dd9489.exe
-
Size
304KB
-
MD5
5b9e2e722be0fb53da7bf5cde3dd9489
-
SHA1
4af8e27cb336e01ab595ffa7812e89507082bebe
-
SHA256
290e577270a33ca29e5687461a59e63887e39d8293a89f63b0cea095f1499954
-
SHA512
02702499a361d042415810120771a546f205c9305938733ffe1a98b0f898489e0b6dea059099165c5bd07a6098131e4933674679719ecefad2a9663e0774d37f
-
SSDEEP
6144:x3bUxWU5Q7dzRumyGzsaxHUhqLLf69tYF6m5KajeysQExQElNHworW:UO7dzRumtzIiSCpkQERlVww
Score
6/10
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
flow ioc 1 raw.githubusercontent.com 3 raw.githubusercontent.com -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 1836 5b9e2e722be0fb53da7bf5cde3dd9489.exe