c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc | Triage

Analysis

max time kernel
148s
max time network
155s
platform
windows10_x64
resource
win10-en-20211208
submitted
21-01-2022 23:11

Sharing

Report Analysis Logs

General

Target

c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc.exe
Size

9.8MB
MD5

7db6c74d0eb170262538874c2358acd9
SHA1

fdbde78ce35a960705aa40e85f4667a5e04046dd
SHA256

c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc
SHA512

c7dee3a7b362ecc9ccb87029a0b747f954e9d3a64a5fa0883341a52f83b6d779e959d48517154a17b671484b570606b5951ba11daa54c82c059e1c08ee463b84

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3988	c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc.exe

C:\Users\Admin\AppData\Local\Temp\c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc.exe
"C:\Users\Admin\AppData\Local\Temp\c57089745a418cfb8cda224fa9faf383e72df19e5bd9e1cf83f7bfd4a5c819dc.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3988-115-0x0000000002C50000-0x0000000002C51000-memory.dmp

Filesize
4KB

Download