Analysis
max time kernel
15s
max time network
17s
platform
windows7_x64
resource
win7-20240704-en
resource tags
arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted
26/07/2024, 07:06
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
9a082f4a06e66228bb10015f7c9fc6d0N.exe
Resource
win7-20240704-en
2 signatures
120 seconds
General
Target
9a082f4a06e66228bb10015f7c9fc6d0N.exe
Size
1.7MB
MD5
9a082f4a06e66228bb10015f7c9fc6d0
SHA1
68db3bda64ae113323c0a9fa145f8ae8a1c9bcd6
SHA256
c4335d5cc22eb2c629991191f993abd7dcd48580ad5b71402b8d061c1faa4391
SHA512
ee94103997b9f08c4818194324ac8bb3a3856004ba4b942e11c87a0a4e9088f076b04098d86e3129186c5af81a99b47f9c1c96faf9b7499308792895b9b3e439
SSDEEP
24576:Om3YCdCTYlBeyaIPta/Bnf9ox0H6Ulnj/C70AUnQWvu:L3YCUTEeBsapfKx0Hjlne70Lrvu
Score
5/10
Malware Config
Signatures
Drops file in System32 directory 1 IoCs
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
Process: 9a082f4a06e66228bb10015f7c9fc6d0N.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
description: Token: SeTakeOwnershipPrivilege
pid: 2304
Process: 9a082f4a06e66228bb10015f7c9fc6d0N.exe