Analysis
-
max time kernel
133s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
26-10-2024 04:14
Static task
static1
Behavioral task
behavioral1
Sample
c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8.exe
Resource
win10v2004-20241007-en
General
-
Target
c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8.exe
-
Size
2.0MB
-
MD5
79cc1a83863ad0262753576df0a8dcaa
-
SHA1
f3e02ee08ecd374da176fe3bce933184fe0bc714
-
SHA256
c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8
-
SHA512
9f99b7d2616b3ec3d8e22b871ffc26f7d5e25bedafb296a267c6b119e774ed9e87aa8dc96c50c8c2d832ed89624139abecef3f49e5f8f957dc4d6fd04a2fa27f
-
SSDEEP
24576:TBxcqhG/e37rZ83+zdToZJoAOM08/85RkptVIJqRt/sBlDqgZQd6XKtiMJYiPU:zgi7tbYOMjUfkptVxj/snji6attJM
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File opened for modification C:\Windows\System32\alg.exe c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeTakeOwnershipPrivilege 4900 c7efa8300d96e250fc9001d89c0efd5022da9dc8f1a9445799d8c364e8a5a3d8.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2KB
MD53a12882a501bb9f82963e89325a60ae9
SHA103e129c254b28c6e42794c1591ae78ea3741e65a
SHA256b60e0acacde9467cf0cbdc2a5be542f07cb546209623e8fbd0f147c249132e94
SHA512384be144c0bcda3344683681edc0a6faa8bec74ded44d6954d8b3c768544a5efb1abf0bf3f12ff8c467fb2d2c19d8c5b48a5310b1005b5b204e6533649e39515