5046403f44884fe6aa062f9d2f92037136305305ef195d4c213c279e2466ec1f

General

Target

tmp/19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Size

32KB
MD5

fa662f3db65d27282db066a3790e49ac
SHA1

4e172123c728811be644749ee4a3df6c03f78488
SHA256

5046403f44884fe6aa062f9d2f92037136305305ef195d4c213c279e2466ec1f
SHA512

6b426fafab9fe30dbdd1e4e8c388e285aed1e1902d1f0a0cf068e0a6ab28a9f095a50af402d5dbcc0f90de0b334d743fa9132b6625f4e00bd9bc56ed0e8fd28d

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 35 IoCs

Processes:

19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe

description	pid	process
Token: SeDebugPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: 33	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
Token: SeIncBasePriorityPrivilege	920	19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe

C:\Users\Admin\AppData\Local\Temp\tmp\19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe
"C:\Users\Admin\AppData\Local\Temp\tmp\19f2c7a2-d19a-4460-a410-88322dd21e60_onedrivenwt2.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/920-115-0x0000000001760000-0x0000000001761000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads