8133c3c1e5dde7c9b4d9d5c9a07e37b733fd0223fc9d035c3f386f034a434af5

Analysis

max time kernel
146s
max time network
149s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
21-06-2024 11:52

Target

bounty-84935243626864440.exe
Size

256KB
MD5

18f497deffe88b6b2cff336a277aface
SHA1

4e1413241d3d3e4dbff399d179f8fd64f3ecd39e
SHA256

8133c3c1e5dde7c9b4d9d5c9a07e37b733fd0223fc9d035c3f386f034a434af5
SHA512

35c804ec73001fe66d57bd2fadc51cd399edbc2e550c4257f29aac5a24a9f9c030c582d50239dec41605801263fd5739444aa14f9683f99f726152cc1bb6920d
SSDEEP

6144:nBVW/VzXGbDL8uWslV9Dyjog2RoRT9V9VW3aT6UeAsjsAcaW0:MpX28uWslV9Dyjog2RoRT9V9VW3aT6Ui

Score

1^/10

Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes:

bounty-84935243626864440.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

bounty-84935243626864440.exe

description	pid	Process
Token: SeDebugPrivilege	2180	bounty-84935243626864440.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

bounty-84935243626864440.exe

pid	Process
2180	bounty-84935243626864440.exe

memory/2180-0-0x000007FEF5C23000-0x000007FEF5C24000-memory.dmp

Filesize
4KB

Download
memory/2180-1-0x00000000009F0000-0x0000000000A36000-memory.dmp

Filesize
280KB

Download
memory/2180-2-0x0000000000450000-0x0000000000456000-memory.dmp

Filesize
24KB

Download
memory/2180-4-0x000007FEF5C20000-0x000007FEF660C000-memory.dmp

Filesize
9.9MB

Download
memory/2180-5-0x000007FEF5C20000-0x000007FEF660C000-memory.dmp

Filesize
9.9MB

Download
memory/2180-6-0x000007FEF5C23000-0x000007FEF5C24000-memory.dmp

Filesize
4KB

Download
memory/2180-7-0x000007FEF5C20000-0x000007FEF660C000-memory.dmp

Filesize
9.9MB

Download