23c50f61db3d334ed33b41c50623635bc5dd4eaac79faa695127cea2bbf00611

Analysis

max time kernel
151s
max time network
147s
platform
windows10_x64
resource
win10-en-20211208
submitted
31-12-2021 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a66f658cec33d5ed7ffbe6794283de68.exe
Size

32KB
MD5

a66f658cec33d5ed7ffbe6794283de68
SHA1

56f726667dc46aca4ef13740a5dbad23cf44e532
SHA256

23c50f61db3d334ed33b41c50623635bc5dd4eaac79faa695127cea2bbf00611
SHA512

4ab58ca12b0136270b24487e4969ef1eda7e299f657aa1539ad5b2abf9e50ba4395d980412ae450d12d52bb3eb9482447ce0ac290eff8d9ed5d53152c5df52d9

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 35 IoCs

Processes:

a66f658cec33d5ed7ffbe6794283de68.exe

description	pid	process
Token: SeDebugPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: 33	676	a66f658cec33d5ed7ffbe6794283de68.exe
Token: SeIncBasePriorityPrivilege	676	a66f658cec33d5ed7ffbe6794283de68.exe

C:\Users\Admin\AppData\Local\Temp\a66f658cec33d5ed7ffbe6794283de68.exe
"C:\Users\Admin\AppData\Local\Temp\a66f658cec33d5ed7ffbe6794283de68.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/676-115-0x00000000021C0000-0x00000000021C1000-memory.dmp

Filesize
4KB

Download