Analysis
max time kernel
105s
max time network
113s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted
14-11-2024 00:16
Behavioral task
behavioral1
Sample
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Resource
win10v2004-20241007-en
General
Target
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Size
1.4MB
MD5
41eb8e7e55b0e2c3a7c14eaed8ee3122
SHA1
ed4c7542850aa735df6fd6cfdb3b52df80847023
SHA256
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9
SHA512
3842519806318cd6a3eced26b3fa999840346d94b63133cd1ad5ecb65b09cc3a0bb33f18755a35698b6ad3e96ebc4f95d5bbde917b2f2f6e0c26f9fb0a46ca4e
SSDEEP
24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/5O+7MMKTbcq:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5g
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 4576 | 0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe
Token: SeLockMemoryPrivilege | 4576 | 0e2858d28c7c26a834d24e7142e6d4e67dea15665fd138a1e5200c8efb334ad9.exe