335352170d17688824cb6e8759bc39cb1b56dccd8ca0dd5e6fb48e9722c32eb4 | Triage

Analysis

max time kernel
123s
max time network
140s
platform
windows7_x64
resource
win7-en-20210920
submitted
18-10-2021 20:16

Sharing

Report Analysis Logs

General

Target

a187ff3ecbbf22cc98cf591c23c7a76d.exe
Size

1.2MB
MD5

a187ff3ecbbf22cc98cf591c23c7a76d
SHA1

9c162ac34e013979c1b643a9b92178d041d84dd0
SHA256

335352170d17688824cb6e8759bc39cb1b56dccd8ca0dd5e6fb48e9722c32eb4
SHA512

19943efa802d1ae7af7f2c30c314f02f632ec729303ce7adb1f33293e96965178e8c21feacf5afd768aa34d556b39010c529f31f6d9c0144ad78ef81c5264dc6

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

a187ff3ecbbf22cc98cf591c23c7a76d.exe

description pid process

Token: SeDebugPrivilege 2036 a187ff3ecbbf22cc98cf591c23c7a76d.exe

C:\Users\Admin\AppData\Local\Temp\a187ff3ecbbf22cc98cf591c23c7a76d.exe
"C:\Users\Admin\AppData\Local\Temp\a187ff3ecbbf22cc98cf591c23c7a76d.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2036-54-0x00000000012E0000-0x00000000012E1000-memory.dmp

Filesize
4KB

Download
memory/2036-56-0x0000000001260000-0x0000000001261000-memory.dmp

Filesize
4KB

Download