Analysis
max time kernel
106s
max time network
120s
platform
windows7_x64
resource
win7-20241010-en
resource tags
arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
submitted
14-11-2024 00:16
Behavioral task
behavioral1
Sample
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Resource
win10v2004-20241007-en
General
Target
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Size
1.4MB
MD5
41eb8e7e55b0e2c3a7c14eaed8ee3122
SHA1
ed4c7542850aa735df6fd6cfdb3b52df80847023
SHA256
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9
SHA512
3842519806318cd6a3eced26b3fa999840346d94b63133cd1ad5ecb65b09cc3a0bb33f18755a35698b6ad3e96ebc4f95d5bbde917b2f2f6e0c26f9fb0a46ca4e
SSDEEP
24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/5O+7MMKTbcq:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5g
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
description    pid    Process
Token: SeLockMemoryPrivilege    840    0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Token: SeLockMemoryPrivilege    840    0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe