Analysis
-
max time kernel
143s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
12/06/2024, 18:43
Static task
static1
Behavioral task
behavioral1
Sample
6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe
Resource
win10v2004-20240508-en
General
-
Target
6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe
-
Size
3.4MB
-
MD5
a8f51de2277f3a90a0e5d7216acf22e5
-
SHA1
3b1762e980f1856eaa930ba6fef420b52f403188
-
SHA256
6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0
-
SHA512
f787556cf1da028f4b0ef317dbdfe61307020111d0c70a9cc08519ee1b609ce985f9b728ce7129aeb6bd8efc94254a11909819d30bb49a7482c81e3bde571396
-
SSDEEP
12288:MMhnTShWrCFkGz8tO96Xnbs7mSUZM0ZApusIL08VMbdMycwZf:R1CFj8kI3bs7Vn0uu3nyf
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 744 6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe"C:\Users\Admin\AppData\Local\Temp\6d634e0243ccefd6e5c440775482fa38cc12ae53f0ccf46a4f7e3af5036607e0.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
PID:744
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3756,i,9746875443948590908,1444894342962555245,262144 --variations-seed-version --mojo-platform-channel-handle=4232 /prefetch:81⤵PID:924