21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88 | Triage

Analysis

max time kernel
148s
max time network
155s
platform
windows7_x64
resource
win7-20220414-en
submitted
12-06-2022 07:57

Sharing

Report Analysis Logs

General

Target

21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88.exe
Size

16KB
MD5

7e2b11e79653487b30cf0cc71d3a4909
SHA1

e559f81ef96a8b72dcac56920f00acf0f54267de
SHA256

21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88
SHA512

99f1c5e5ede1ab960e1e67962653206008e0bee6d5efeea0a806cc93a8d3ef56c3730924d0f5ae9643de4aa6a23539006a287b2f91b866bd330936d8d22e2f28

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88.exe

description pid process

Token: SeDebugPrivilege 536 21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88.exe

C:\Users\Admin\AppData\Local\Temp\21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88.exe
"C:\Users\Admin\AppData\Local\Temp\21a39840963f1dba36093f231492075fe4230adf89488b141a43f09f189b5e88.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/536-54-0x000007FEF33D0000-0x000007FEF3DF3000-memory.dmp

Filesize
10.1MB

Download
memory/536-55-0x000007FEF2330000-0x000007FEF33C6000-memory.dmp

Filesize
16.6MB

Download