f486c5d5fe3c9341cd331a8e6a68102a9bd7a9e7864c5179948c585806828006 | Triage

Analysis

max time kernel
123s
max time network
147s
platform
windows10_x64
resource
win10v200430
submitted
13-07-2020 07:00

Sharing

Report Analysis Logs

General

Target

952110_2020713.exe
Size

1.3MB
MD5

52e2dd01e70bce5aac4f44e19c2876e1
SHA1

bf7326838f7b86565769f1c122bdebbbf5b6a097
SHA256

f486c5d5fe3c9341cd331a8e6a68102a9bd7a9e7864c5179948c585806828006
SHA512

1ab82d5d08de1f877ec4c45d75597f4d584460bf37c6e8e271f6ebc74a452f14b39c84cc22b2bf8a3fadeaa53f87881dcacafeeedfcaf500d34e09a8f659ddbd

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

952110_2020713.exe

description pid process

Token: SeDebugPrivilege 3848 952110_2020713.exe
Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

952110_2020713.exe

pid process

3848 952110_2020713.exe

C:\Users\Admin\AppData\Local\Temp\952110_2020713.exe
"C:\Users\Admin\AppData\Local\Temp\952110_2020713.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious behavior: EnumeratesProcesses
PID:3848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...