Resubmissions
02-09-2024 02:19
240902-crxs1syfmm 1007-07-2024 21:02
240707-zvllgsyaqp 1001-07-2024 21:37
240701-1gjemsverk 10Analysis
-
max time kernel
40s -
max time network
50s -
platform
windows11-21h2_x64 -
resource
win11-20240508-en -
resource tags
arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system -
submitted
01-07-2024 21:37
Static task
static1
Behavioral task
behavioral1
Sample
4363463463464363463463463.exe
Resource
win11-20240611-en
Behavioral task
behavioral2
Sample
New Text Document mod.exe
Resource
win11-20240611-en
Behavioral task
behavioral3
Sample
New Text Document mod.exe
Resource
win11-20240508-en
General
-
Target
New Text Document mod.exe
-
Size
8KB
-
MD5
69994ff2f00eeca9335ccd502198e05b
-
SHA1
b13a15a5bea65b711b835ce8eccd2a699a99cead
-
SHA256
2e2e035ece4accdee838ecaacdc263fa526939597954d18d1320d73c8bf810c2
-
SHA512
ced53147894ed2dfc980bcb50767d9734ba8021f85842a53bb4bb4c502d51b4e9884f5f74c4dd2b70b53cafbe2441376675f7bd0f19bb20a3becb091a34fb9f3
-
SSDEEP
96:y7ov9wc1dN1Unh3EHJ40CUJCrQt0LpCBIW12nEtgpH9GIkQYQoBNw9fnmK5iLjTv:yZyTFJfCB20LsBIW12n/eIkQ2BNg5S1
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
New Text Document mod.exedescription pid Process Token: SeDebugPrivilege 2244 New Text Document mod.exe