a882cd581f2a636e5d624e3629f43e9bb127f4f77972f181cdc0e56e2fef7066 | Triage

Analysis

max time kernel
126s
max time network
130s
platform
windows10_x64
resource
win10
submitted
13-07-2020 06:26

Sharing

Report Analysis Logs

General

Target

TT.exe
Size

718KB
MD5

4511c9c47515ec8260527ac7cb916a6b
SHA1

8677c209f7b3610b3b44160aa4fd3bfa3ff221f8
SHA256

a882cd581f2a636e5d624e3629f43e9bb127f4f77972f181cdc0e56e2fef7066
SHA512

5ae07214d7c23e6dd198bfe4f91252faaf5c21cd6cc30777942d1f0e0053fe3963498ba4750c132f2f8dc85f9af76153056cba7a6978db12fc2fb67f5b8ede4e

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

TT.exe

description pid process

Token: SeDebugPrivilege 3588 TT.exe
Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

TT.exe

pid process

3588 TT.exe

C:\Users\Admin\AppData\Local\Temp\TT.exe
"C:\Users\Admin\AppData\Local\Temp\TT.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious behavior: EnumeratesProcesses
PID:3588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...