Analysis
max time kernel: 105s
max time network: 114s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-11-2024 10:18
Behavioral task: behavioral1
Sample: 32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe
Resource: win10v2004-20241007-en
General
Target: 32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe
Size: 1.4MB
MD5: f41978c613335d1098a6eeec04c20eb5
SHA1: b68e88b3f1f0ab4e0d91ec69704f8a1d3092f81f
SHA256: 32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615
SHA512: 06d636de7f766fdbf784fca8ecccc042ef63aebcfb8d52d22a3965f4832d71d88b09177055df025e08c5fb1c878c79fa657348910c9350c20b9cbf185b23d781
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/5O+7MMKTbcY:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5C
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: 32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe
description                     pid    Process
Token: SeLockMemoryPrivilege    3452   32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe
Token: SeLockMemoryPrivilege    3452   32086647bf7795363d05e36d62f2932178177ffb14b8423975e49411ef0f6615.exe