a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5 | Triage

Analysis

max time kernel
178s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
20-05-2022 23:33

Sharing

Report Analysis Logs

General

Target

a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5.exe
Size

53KB
MD5

195ad78008920eb74c107869dbbe5cc1
SHA1

568f761f06a730cbd889da9f465e2e1651b4ed18
SHA256

a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5
SHA512

c02b571a46b9bcf86b72e792a1e6762628d183d9ed052dcbb41e226ddc9fa3294a6eea0c9f58e325864778dd08c09151e53aa97ba675693af046cbdcc8d50091

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5.exe

description pid process

Token: SeDebugPrivilege 1944 a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5.exe

C:\Users\Admin\AppData\Local\Temp\a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5.exe
"C:\Users\Admin\AppData\Local\Temp\a764638549184eb4a5f01806cf0f22cde3ae0f7bc739052b36a996b394bb65c5.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1944-54-0x00000000765C1000-0x00000000765C3000-memory.dmp

Filesize
8KB

Download
memory/1944-55-0x0000000074D40000-0x00000000752EB000-memory.dmp

Filesize
5.7MB

Download