Analysis
max time kernel: 94s
max time network: 145s
platform: windows10-2004_x64
resource: win10v2004-20240730-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240730-en, locale:en-us, os:windows10-2004-x64, system
submitted: 01-08-2024 22:58
Behavioral task | Sample | Resource
behavioral1 | HadesKey SE.exe | win7-20240729-en
behavioral2 | HadesKey SE.exe | win10v2004-20240730-en
behavioral3 | HadèsKey - Logs Decrypt.exe | win7-20240704-en
behavioral4 | HadèsKey - Logs Decrypt.exe | win10v2004-20240730-en
behavioral5 | ReActiveMe.exe | win7-20240704-en
behavioral6 | ReActiveMe.exe | win10v2004-20240730-en
behavioral7 | Stub.exe | win7-20240708-en
behavioral8 | Stub.exe | win10v2004-20240730-en
General
Target: Stub.exe
Size: 486KB
MD5: 364c1477a744c7f21a45f919ff3ce22d
SHA1: 6fa4f6eb37f795350ada91c21f14a603301b84ab
SHA256: 727131e77f2ae497e0e593f8eb3734197f12364e894f16f7d9da03b726e7aff0
SHA512: 0139166faa6f7fe2715396f852d91b7130b8987b47cfe22e97872daf6c5c8a2344f181986b627c6e21e03a0f9abdc2e95a3e7778958d837bf949e8b41a97096d
SSDEEP: 6144:ofyuEn2FoC2LTGzSLOwzTlFh/eHYwxTlx24PXB0I0+CDDmdZMOIv9vsZ6E/LZVf:ofPEq2TaKTPhWHLwhDDmIGcED
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (3 IoCs)
Processes: Stub.exe
description | pid | process
Token: SeDebugPrivilege | 3000 | Stub.exe
Token: 33 | 3000 | Stub.exe
Token: SeIncBasePriorityPrivilege | 3000 | Stub.exe