Analysis
max time kernel
105s
max time network
113s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags
arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted
13-11-2024 23:40
Behavioral task
behavioral1
Sample
d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe
Resource
win10v2004-20241007-en
General
Target
d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe
Size
1.3MB
MD5
5e45bd5fc2d1966d770cb1611295d0ce
SHA1
f3db7f02b13515bcef911ee372c71d371e39550c
SHA256
d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799
SHA512
230300ef9a6d00dc33c1b840c2fa030dbf04401a46f71467b83e7c6cb4a9693e385d7780b3c2acd21f64c5b76b9ceab7d3786344d6e243f4e1fdb62a083a4f42
SSDEEP
24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszQEMrFaQILdubDXYkbbU:GezaTF8FcNkNdfE0pZ9ozttwIRQCEnY9
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe
description    pid    Process
Token: SeLockMemoryPrivilege    4656    d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe
Token: SeLockMemoryPrivilege    4656    d539a8d344a49455d998df37707386ee84167f8e815c18e3129791d4470fe799.exe