Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
31-08-2024 07:48
Behavioral task
behavioral1
Sample
3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8.exe
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8.exe
-
Size
24KB
-
MD5
f0794d5310c299d4ac102beda80eaea9
-
SHA1
b308cb9f762bc27ce502ae5c9ed7deab7885f028
-
SHA256
3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8
-
SHA512
1c5b323f445c258a1db87621e68c479b526f72097f3025b2698a06d6c6da1f4fc5ab5967d2a09d5de5b616c174456f886f83404251f11af9c371700d742390e4
-
SSDEEP
192:QNrAjPzOpqUg7oGtl7E3cCVLGxjMPeuxVGpwHVboitxI0:QNrAnAELb7r+u1Iu6FoizI0
Score
6/10
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs
flow ioc 18 pastebin.com 24 pastebin.com 25 0.tcp.ngrok.io 35 0.tcp.ngrok.io 74 0.tcp.ngrok.io -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 4804 3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8.exe