Analysis
max time kernel: 105s
max time network: 115s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 13-11-2024 09:45
Behavioral task: behavioral1
Sample: 64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe
Resource: win10v2004-20241007-en
General
Target: 64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe
Size: 1.4MB
MD5: 8856e27afe9d4355b1e4fba85da1bd00
SHA1: 6d47a3ad636bd4741bd59e1a5be3104bd73d94d2
SHA256: 64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd
SHA512: 2a6dc7f93d0262b0bf71cd594c9ecf3331291bcbc991105239eff4ec12bf18fee3b699ba6428c8af34c2703934d19e0b9eff59f4a58bd25a8989bbd2abf0c265
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszaDw4BnT6DNtMiQkLUZd:GezaTF8FcNkNdfE0pZ9ozttwIRakGngW
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: 64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe
description    pid    Process
Token: SeLockMemoryPrivilege    2288    64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe
Token: SeLockMemoryPrivilege    2288    64c77d42b8a4db234fc8e2b7f7d306c2ff6742c66c9f23178ec913c40b8de4bd.exe