fac98180cdc38ea644302ace9bcfd90b6ab46981b8e1ddbf754b7517a8396e12 | Triage

Analysis

max time kernel
146s
max time network
149s
platform
windows10_x64
resource
win10v200722
submitted
09-10-2020 09:33

Sharing

Report Analysis Logs

General

Target

wx5RsbJb.exe
Size

19KB
MD5

8cf5d496364f7cd3e365edbc76a6131f
SHA1

49268e9e8545abfa63d499fbdbc2859c271dc963
SHA256

fac98180cdc38ea644302ace9bcfd90b6ab46981b8e1ddbf754b7517a8396e12
SHA512

4f9a04a9643b7a2c6058bcd2df93abea9706352546a474466191329729160c75965c4dab19acd35e1031ce8b0e8a9f1aa519202b0a7871a4116f66f8eb21a948

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

wx5RsbJb.exe

description pid process

Token: SeDebugPrivilege 3900 wx5RsbJb.exe

C:\Users\Admin\AppData\Local\Temp\wx5RsbJb.exe
"C:\Users\Admin\AppData\Local\Temp\wx5RsbJb.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3900-0-0x00007FFE0CD90000-0x00007FFE0D730000-memory.dmp

Filesize
9.6MB

Download