5686f840b9b2834952367cd9c37ec4c8385bcc90348dd3a92e488c0faebed85a | Triage

Analysis

max time kernel
5s
max time network
125s
platform
windows10_x64
resource
win10-en-20211208
submitted
14-01-2022 10:00

Sharing

Report Analysis Logs

General

Target

IMG-000284794.exe
Size

1.2MB
MD5

abd28466f7cb80d6da36fed9f3e6bef4
SHA1

fb2911028f32b2b3c07004a21e84773e3efd1519
SHA256

5686f840b9b2834952367cd9c37ec4c8385bcc90348dd3a92e488c0faebed85a
SHA512

0c6aa40cc0797ae3e59bf863bce36c1bb4a96760aa2897b8b03706da83e24a9009fbda569a243c890c7013d4f6e1514e73349757b16c0b318407019ad1e51586

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

IMG-000284794.exe

description pid process

Token: SeDebugPrivilege 3716 IMG-000284794.exe

C:\Users\Admin\AppData\Local\Temp\IMG-000284794.exe
"C:\Users\Admin\AppData\Local\Temp\IMG-000284794.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3716-115-0x0000000000880000-0x00000000009AE000-memory.dmp

Filesize
1.2MB

Download
memory/3716-116-0x0000000000880000-0x00000000009AE000-memory.dmp

Filesize
1.2MB

Download
memory/3716-117-0x0000000005310000-0x0000000005311000-memory.dmp

Filesize
4KB

Download