Analysis
max time kernel: 105s
max time network: 115s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 14-11-2024 01:13
Behavioral task: behavioral1
Sample: 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe
Resource: win10v2004-20241007-en
General
Target: 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe
Size: 1.4MB
MD5: a0c2e16b96d20a48f56f7fd8d938276d
SHA1: b3fa4c4eef545c7578c66fd8babdaba21660ceb4
SHA256: 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b
SHA512: e6bfec026eddc11975b8fc2813c2ec358c99cf5f961d820cb2976c0ca9eccbbcb659f98402bc2db8a57d4eac77f6898e45f47b699fd3023b2eb4cc35793c6754
SSDEEP: 24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszbWKDNEm/5pbkTPLEU4A:GezaTF8FcNkNdfE0pZ9ozttwIRxeqA
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
Processes: 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe
description | pid | Process
Token: SeLockMemoryPrivilege | 2500 | 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe
Token: SeLockMemoryPrivilege | 2500 | 6ca40a8e591616515446ea72d4f05a433b79380bd03f3ec829958524bc314c5b.exe