4d58c656b52ad9e501a74866dd2f0b2fd00ea4cd92013540edaa91f31f2159ae | Triage

Analysis

max time kernel
9s
max time network
124s
platform
windows10_x64
resource
win10-en-20211208
submitted
11-01-2022 12:00

Sharing

Report Analysis Logs

General

Target

Payment-402.exe
Size

1.2MB
MD5

7f9d26535c38eee3561f2e7c214f9854
SHA1

80074b8467cb52e6c36d587e1571045bf93521b5
SHA256

4d58c656b52ad9e501a74866dd2f0b2fd00ea4cd92013540edaa91f31f2159ae
SHA512

97fab9b908fa0eaadfc971c3ff0b34e98a2ea3d33bc8a062f0f3b35631a0ca16d86b24935c6fb38a10d36675316a90500603ba4c88481b6bd058baf49958ca73

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

Payment-402.exe

description pid process

Token: SeDebugPrivilege 2744 Payment-402.exe

C:\Users\Admin\AppData\Local\Temp\Payment-402.exe
"C:\Users\Admin\AppData\Local\Temp\Payment-402.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2744

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2744-118-0x0000000000A40000-0x0000000000B6E000-memory.dmp

Filesize
1.2MB

Download
memory/2744-119-0x0000000000A40000-0x0000000000B6E000-memory.dmp

Filesize
1.2MB

Download
memory/2744-120-0x0000000005540000-0x0000000005541000-memory.dmp

Filesize
4KB

Download