Analysis
max time kernel
105s
max time network
116s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
13-11-2024 09:59
Behavioral task
behavioral1
Sample
470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
Resource
win10v2004-20241007-en
General
Target
470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
Size
1.1MB
MD5
0400cc7a99396ddfbb223a9063308401
SHA1
a60c33e80a5043370e00d2319b739399c0cff9e4
SHA256
470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3
SHA512
e8b28964f9317d1d1b47f1dd6d97742d0e56d8c95a97d6da5c6b1502aac1aeed8c3572329addf1b29ab82aecc6324111d3f93341062c296f6df4991656f044d6
SSDEEP
24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKensz+me69Oql1IZAOH:GezaTF8FcNkNdfE0pZ9ozttwIRQVH
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 2728 | 470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
Token: SeLockMemoryPrivilege | 2728 | 470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe