10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f | Triage

Analysis

max time kernel
155s
max time network
166s
platform
windows10_x64
resource
win10-en-20211208
submitted
28-01-2022 22:22

Sharing

Report Analysis Logs

General

Target

10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f.exe
Size

17KB
MD5

883a69de02a2ae0f8f2bac0eaa04e203
SHA1

a61a5cbbf32736fc78bb6651e96caac52d843ce5
SHA256

10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f
SHA512

003cc8b030594076db60d8f536863e3d94da817732ea51ca52aa37a08f3f12cda0c0f977931faf33639de15003b3659923be0eaf8e93e506d8945587e902c3bd

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f.exe

description pid process

Token: SeDebugPrivilege 3988 10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f.exe

C:\Users\Admin\AppData\Local\Temp\10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f.exe
"C:\Users\Admin\AppData\Local\Temp\10d4bd37cd29071186b4ef31341edb79a9ae05c6bc8d26c9850cfeccabb90d1f.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3988-118-0x0000000000AD0000-0x0000000000AD2000-memory.dmp

Filesize
8KB

Download