e7beaf102fca7d2d4bd4a928244cfae2fe38e248c74dee66f2a16ee18b235812

Analysis

max time kernel
119s
max time network
125s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
07/07/2024, 12:09

Target

e7beaf102fca7d2d4bd4a928244cfae2fe38e248c74dee66f2a16ee18b235812.exe
Size

1.5MB
MD5

f6fd9b4a604cca6dc2704bfad0ab3287
SHA1

e9931e417dcd0115da7c4757f00f43536a256f63
SHA256

e7beaf102fca7d2d4bd4a928244cfae2fe38e248c74dee66f2a16ee18b235812
SHA512

8eb95f30b9be59e2c9d4b33ab792a905a687b043501d75f5c7c8480155982abd3b4922f944f8f4ca19e3fa57fc04ce70e01b2781f1fc87f7927dbbc3130c1222
SSDEEP

12288:FI9B+VGzr83S1VVpERVgiqm85/ZMmoCV+SCGoNbq88ULbDg8pRBXOQE:FI9BLzr8EzERVY7zpCGSbvdfvDJO5

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	e7beaf102fca7d2d4bd4a928244cfae2fe38e248c74dee66f2a16ee18b235812.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2164	e7beaf102fca7d2d4bd4a928244cfae2fe38e248c74dee66f2a16ee18b235812.exe

memory/2164-11-0x0000000000400000-0x000000000058A000-memory.dmp

Filesize
1.5MB

Download
memory/2164-6-0x0000000000240000-0x00000000002A6000-memory.dmp

Filesize
408KB

Download
memory/2164-1-0x0000000000240000-0x00000000002A6000-memory.dmp

Filesize
408KB

Download
memory/2164-0-0x0000000000400000-0x000000000058A000-memory.dmp

Filesize
1.5MB

Download