Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
submitted: 10-07-2024 21:11
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
General
Target: 357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe
Size: 1.3MB
MD5: f1d50a03a025126113412edb04baebbb
SHA1: 4575ce76e80e4736319737604877174e238e3bc1
SHA256: 357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df
SHA512: e7d1c2ba210799e5cba3ee384d12d53c33e4306cddb6b2eebdc3c2db8a13ae03ef0e31f70e98cad7f1876658332a57a00b2ea67245df5c01d5f2629387a7154e
SSDEEP: 24576:U3LutmkEz+PAVV/bOInO4Xs2ztR4iegxLHgZpJE4VDdkt/sBlDqgZQd6XKtiMJYv:UbutmkO+wROInO4XrztygxLHkJE4VBe6
Score: 5/10
Malware Config
Signatures
Drops file in System32 directory 1 IoCs
Processes:
357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
process: 357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe
description: Token: SeTakeOwnershipPrivilege
pid: 2092
process: 357f964fd1518a7b22f1d5c4cec3c89219c0ee22c5f40663f109d327ee93e7df.exe