4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03

Analysis

max time kernel
27s
max time network
95s
platform
windows10_x64
resource
win10v20210408
submitted
30-08-2021 06:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Size

999KB
MD5

523f71fbf39d1e66e40f610387c86b39
SHA1

066b31b19911f8331d56b916f033ceafe44f8d0c
SHA256

4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03
SHA512

19110ca8ccff722389f97add9899e21b80c4357f8cdcd76b1f1d37a74091b2c88a559145a357f0ba43851a856ee47ab1a232c4dcbf82df2d9411942c91d09c83

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 24 IoCs

Processes:

4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe

description	pid	process
Token: SeIncreaseQuotaPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeSecurityPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeTakeOwnershipPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeLoadDriverPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeSystemProfilePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeSystemtimePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeProfSingleProcessPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeIncBasePriorityPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeCreatePagefilePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeBackupPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeRestorePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeShutdownPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeDebugPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeSystemEnvironmentPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeChangeNotifyPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeRemoteShutdownPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeUndockPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeManageVolumePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeImpersonatePrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: SeCreateGlobalPrivilege	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: 33	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: 34	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: 35	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
Token: 36	660	4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe

C:\Users\Admin\AppData\Local\Temp\4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe
"C:\Users\Admin\AppData\Local\Temp\4393f198e95b067abfb4e156d2d9c55ad6bef33cc0d5e21cebc374e9a2392d03.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/660-114-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download