Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 13-11-2024 10:26

Behavioral task: behavioral1
Sample: 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
Resource: win10v2004-20241007-en

General
Target: 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
Size: 1.4MB
MD5: 0dad94d47db62e1b3bb51816c86452ba
SHA1: f9705f7a2ff88c0acd7bd0dd0344d244ceae0096
SHA256: 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c
SHA512: 348151d5d0fedc0d6c30ac0edb6e8e5ce6540b5a47fdd602c61c3a283bc51bdd9cc03532bc59c0a05669ce3d04503c46d7fa119e20f37c00ceeed29dfe9a3da2
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszaDw4B/Os/IsSAN0z3Zk:GezaTF8FcNkNdfE0pZ9ozttwIRakGNrV
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 2012 | 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
Token: SeLockMemoryPrivilege | 2012 | 36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe