221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa | Triage

Analysis

max time kernel
151s
max time network
179s
platform
windows7_x64
resource
win7-20220414-en
submitted
12-06-2022 06:18

Sharing

Report Analysis Logs

General

Target

221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa.exe
Size

16KB
MD5

7d74a46f9c7de765fe7d51df94166b9a
SHA1

6dcf2849e8a19b7d95da6d49bc2627787b4f7193
SHA256

221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa
SHA512

b6373ec4c90db921a94dfaeb921fde47e1050730a6714bc866fe9b7812aa5e5f88c9dbcaedcf93444b37e5b6a8fef93ac9c5c570ca80539b3614e3097a22085f

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa.exe

description pid process

Token: SeDebugPrivilege 1504 221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa.exe

C:\Users\Admin\AppData\Local\Temp\221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa.exe
"C:\Users\Admin\AppData\Local\Temp\221f3740514fc1ab4fd2a2154979269fe646a8d2d7dc22356f791774d2aa0baa.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1504-54-0x000007FEF3200000-0x000007FEF3C23000-memory.dmp

Filesize
10.1MB

Download
memory/1504-55-0x000007FEF2160000-0x000007FEF31F6000-memory.dmp

Filesize
16.6MB

Download