Analysis
max time kernel: 105s
max time network: 116s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 14-11-2024 01:10
Behavioral task: behavioral1
Sample: 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe
Resource: win10v2004-20241007-en
General
Target: 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe
Size: 1.4MB
MD5: 39a4b7f3ddf9ff06ccfd6e2ada6fd860
SHA1: daa86338b1604511805a53ef32b42d8aa131d347
SHA256: 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b
SHA512: 29b7164956c3c11635f48da2a66c142f7e32c6abb570018794813d689fb3e8b44feea60f1253b313bf395a15554f3e189cfb03f685b6392befaf1f8e1358f10f
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/5pbkTPLEKAo:GezaTF8FcNkNdfE0pZ9ozttwIRxecdG
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 2444 | 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe
Token: SeLockMemoryPrivilege | 2444 | 89e211e04355e2ddb13c2952eefbee9bdbf48489f7334660f6076c30c68c5d3b.exe