Analysis
max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
13-11-2024 09:51
Behavioral task
behavioral1
Sample
1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe
Resource
win10v2004-20241007-en
General
Target
1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe
Size
1.4MB
MD5
55e6fa70604352bf72ed4d042eb9121a
SHA1
9baf9935b65c8568631e80f413a6fc2cdd1d5429
SHA256
1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a
SHA512
9a475beafec4fe61feb99d5c4283a6ac45d852496c76119dd98d20876ddebe0570bba7e1217f4b4a5a330bc52f5986bf2e1fe89ac03a7c92b9b0d4906ff9bf67
SSDEEP
24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/51m6PbWjhRX:GezaTF8FcNkNdfE0pZ9ozttwIRx3QjhB
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 3052 | 1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe
Token: SeLockMemoryPrivilege | 3052 | 1f9a5638f3dd5570d1e583f072d39a73e4afb403de6a6b87b6c429c5e240d71a.exe