Analysis
max time kernel: 105s
max time network: 115s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 13-11-2024 23:55
Behavioral task
behavioral1
Sample
2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe
Resource
win10v2004-20241007-en
General
Target: 2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe
Size: 1.1MB
MD5: a6ab5efb6ea3fdb5f5c215f590e94b08
SHA1: 85604ca3f25f06109776d91ab6dce8fd33b84734
SHA256: 2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622
SHA512: 9f660388b1ec4cab63849b7a2f620eb4ce41aa428e3671ebef46ddf055be2373b9361a921fcac3bf0c673d1cf9c605d23a9299b3af63a1c168ff2213b14b2ef3
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKensz+me6GiiFaY1js:GezaTF8FcNkNdfE0pZ9ozttwIRQX/1Y
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes:
2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe
description pid Process
Token: SeLockMemoryPrivilege 1224 2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe
Token: SeLockMemoryPrivilege 1224 2a3ab0e77df369b33d6e8152acd03659f9acd9c2ec3b3073cf93b1c4674cc622.exe