882a172034d3ebe0f6840b0381c3710ccc0fe8ea9ae990c6743304ffbe377745 | Triage

Analysis

max time kernel
106s
max time network
114s
platform
windows7_x64
resource
win7v200217
submitted
01-04-2020 11:30

Sharing

Report Analysis Logs

General

Target

785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8.exe
Size

143KB
MD5

74622fbc3aae349b7771709444183314
SHA1

9dcada7455205b44b5fe69f765caecca4f14403c
SHA256

785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8
SHA512

bd99850093c58cc9c4f59747b1718a04b8000f890f61cc7ad94d87677a69c353992514db5f53ac1cb967d37443c23910abb64a1867861026b9330df84d8f057c

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8.exe

description pid process

Token: SeDebugPrivilege 1864 785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8.exe

C:\Users\Admin\AppData\Local\Temp\785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8.exe
"C:\Users\Admin\AppData\Local\Temp\785872bbef35d86fe6ce8a53be29995cfd0f251d2a171145bd6685bebe63ebc8.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...