61772167a95f7d7eb84337c06144cbba21b88b0ace8ef24d59426c7a50e6acc6 | Triage

Analysis

max time kernel
145s
max time network
147s
platform
windows10_x64
resource
win10v20201028
submitted
09-11-2020 19:28

Sharing

Report Analysis Logs

General

Target

file.exe
Size

16KB
MD5

f7f95cde7776936c0cc90253a77a330b
SHA1

53b9c14cea890878ecd6a50de587fbff5c5d2dcd
SHA256

61772167a95f7d7eb84337c06144cbba21b88b0ace8ef24d59426c7a50e6acc6
SHA512

ffafbe7aa7156b4fd219e5c18ace14ecb4514671688000621417cfcce225d83a9afc40c2e3be68bcda057ca5bbb10415569ad1dd2612b545c2f6530c5a53ad87

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

file.exe

description pid process

Token: SeDebugPrivilege 4076 file.exe

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4076-0-0x00007FFFD2720000-0x00007FFFD30C0000-memory.dmp

Filesize
9.6MB

Download