0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11 | Triage

Analysis

max time kernel
144s
max time network
145s
platform
windows7_x64
resource
win7-20220414-en
submitted
24-05-2022 22:01

Sharing

Report Analysis Logs

General

Target

0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11.exe
Size

16KB
MD5

5c0a1df2f47801b3a8d04b399c764d86
SHA1

316ba2bd4778c9b5c1cd79cf20bc82447d82a7da
SHA256

0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11
SHA512

6f05b12b659bae446094e9cb45b28811f9fcc6883fabde9fa56f5eea7c62672712a695c2126949bbfc1d4e619f10d5eb93305d5cd09bae1e472f4637f13761f2

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11.exe

description pid process

Token: SeDebugPrivilege 1976 0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11.exe

C:\Users\Admin\AppData\Local\Temp\0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11.exe
"C:\Users\Admin\AppData\Local\Temp\0914cce2d626af56eb2c8cd40a74d130027ed365f24481564dc0c59aea168d11.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1976-54-0x000007FEF2760000-0x000007FEF37F6000-memory.dmp

Filesize
16.6MB

Download