37417706b7e0932dc48844a2a089d2daee4e82407324961629edbd7a549273aa

Analysis

Target

MCB-87669.exe
Size

684KB
MD5

70c4d5c030027ad6717effc742a99b4a
SHA1

65de3bee4d4643c937607df4ddb1ecc3ad01929f
SHA256

3e1948c266a9b1c6818e5136b021fb7146f334912fa4a3975343479062f45b35
SHA512

b023cc113871b94fcbe7b7b00baed402167205bc4206010a34eb7305b8fd984fe176d3a0bf5219cc722605ea7d3dce6b77193f62993f7119a0841b7b8e41c310

Score

1^/10

Suspicious behavior: EnumeratesProcesses 5 IoCs

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2024	MCB-87669.exe

Suspicious use of WriteProcessMemory 20 IoCs

description	pid	Process	procid_target
PID 2024 wrote to memory of 1648	2024	MCB-87669.exe	27
PID 2024 wrote to memory of 1648	2024	MCB-87669.exe	27
PID 2024 wrote to memory of 1648	2024	MCB-87669.exe	27
PID 2024 wrote to memory of 1648	2024	MCB-87669.exe	27
PID 2024 wrote to memory of 620	2024	MCB-87669.exe	28
PID 2024 wrote to memory of 620	2024	MCB-87669.exe	28
PID 2024 wrote to memory of 620	2024	MCB-87669.exe	28
PID 2024 wrote to memory of 620	2024	MCB-87669.exe	28
PID 2024 wrote to memory of 1116	2024	MCB-87669.exe	29
PID 2024 wrote to memory of 1116	2024	MCB-87669.exe	29
PID 2024 wrote to memory of 1116	2024	MCB-87669.exe	29
PID 2024 wrote to memory of 1116	2024	MCB-87669.exe	29
PID 2024 wrote to memory of 1448	2024	MCB-87669.exe	30
PID 2024 wrote to memory of 1448	2024	MCB-87669.exe	30
PID 2024 wrote to memory of 1448	2024	MCB-87669.exe	30
PID 2024 wrote to memory of 1448	2024	MCB-87669.exe	30
PID 2024 wrote to memory of 840	2024	MCB-87669.exe	31
PID 2024 wrote to memory of 840	2024	MCB-87669.exe	31
PID 2024 wrote to memory of 840	2024	MCB-87669.exe	31
PID 2024 wrote to memory of 840	2024	MCB-87669.exe	31

memory/2024-54-0x0000000000350000-0x0000000000402000-memory.dmp

Filesize
712KB

Download
memory/2024-55-0x0000000000490000-0x0000000000498000-memory.dmp

Filesize
32KB

Download
memory/2024-56-0x00000000052B0000-0x0000000005354000-memory.dmp

Filesize
656KB

Download