8c2d5674630a01a7f4cea1a683081412200ecbe413a80dbe922d9eefc66fa587 | Triage

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-en-20210920
submitted
12-10-2021 10:28

Sharing

Report Analysis Logs

General

Target

primary_analysis_subject.exe
Size

295KB
MD5

fb522d468e6fc7187053a57e8300381b
SHA1

39185e27ea4210a3aa070dadbe91575c891603d8
SHA256

6062a0392b4b785d926964a9d535a78775770fde2acf70489a13f6ea2ff811d1
SHA512

a25138d1f5ae3801fbb1e3020582c3980237321ff2bc647a153b7496d1154008ef4efc057e76a3c64f27c083d83220589e45f9f7e4e571f869a7fe05c740c57a

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

primary_analysis_subject.exe

description pid process

Token: SeDebugPrivilege 1324 primary_analysis_subject.exe

C:\Users\Admin\AppData\Local\Temp\primary_analysis_subject.exe
"C:\Users\Admin\AppData\Local\Temp\primary_analysis_subject.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1324-53-0x0000000000FA0000-0x0000000000FA1000-memory.dmp

Filesize
4KB

Download
memory/1324-55-0x0000000075661000-0x0000000075663000-memory.dmp

Filesize
8KB

Download
memory/1324-56-0x0000000004D20000-0x0000000004D21000-memory.dmp

Filesize
4KB

Download