23c50f61db3d334ed33b41c50623635bc5dd4eaac79faa695127cea2bbf00611

Analysis

max time kernel
149s
max time network
142s
platform
windows7_x64
resource
win7-en-20211208
submitted
31-12-2021 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a66f658cec33d5ed7ffbe6794283de68.exe
Size

32KB
MD5

a66f658cec33d5ed7ffbe6794283de68
SHA1

56f726667dc46aca4ef13740a5dbad23cf44e532
SHA256

23c50f61db3d334ed33b41c50623635bc5dd4eaac79faa695127cea2bbf00611
SHA512

4ab58ca12b0136270b24487e4969ef1eda7e299f657aa1539ad5b2abf9e50ba4395d980412ae450d12d52bb3eb9482447ce0ac290eff8d9ed5d53152c5df52d9

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes:

a66f658cec33d5ed7ffbe6794283de68.exe

description	pid	process
Token: SeDebugPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	1788	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	1788	a66f658cec33d5ed7ffbe6794283de68.exe

C:\Users\Admin\AppData\Local\Temp\a66f658cec33d5ed7ffbe6794283de68.exe
"C:\Users\Admin\AppData\Local\Temp\a66f658cec33d5ed7ffbe6794283de68.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1788

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1788-54-0x0000000075F21000-0x0000000075F23000-memory.dmp

Filesize
8KB

Download
memory/1788-55-0x0000000002050000-0x0000000002051000-memory.dmp

Filesize
4KB

Download