450fe551f9989c51ae6b8ad556b22c4f34076f1cc61d2ffdfab5c55522d6e210 | Triage

Analysis

max time kernel
43s
max time network
137s
platform
windows7_x64
resource
win7-20220414-en
submitted
17-04-2022 13:41

Sharing

Report Analysis Logs

General

Target

f37caf1332fe729273767e8839d95abc.exe
Size

231KB
MD5

f37caf1332fe729273767e8839d95abc
SHA1

485fc320582b7c2ce5f9ec1c329cca82e331d3dd
SHA256

450fe551f9989c51ae6b8ad556b22c4f34076f1cc61d2ffdfab5c55522d6e210
SHA512

5c6e72643f33898134195f5a8b19c9f56066d2e8f16f9032b8bd54dba185b33b5dc877d14e941c59bba2b312fe95931c875cb8f39fd20dfd2ef9a4d9d690882f

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

f37caf1332fe729273767e8839d95abc.exe

description pid process

Token: SeDebugPrivilege 1100 f37caf1332fe729273767e8839d95abc.exe

C:\Users\Admin\AppData\Local\Temp\f37caf1332fe729273767e8839d95abc.exe
"C:\Users\Admin\AppData\Local\Temp\f37caf1332fe729273767e8839d95abc.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1100-54-0x0000000000C30000-0x0000000000C78000-memory.dmp

Filesize
288KB

Download
memory/1100-55-0x0000000009275000-0x0000000009286000-memory.dmp

Filesize
68KB

Download