9ff3c1a1c7b4ad59622c37e03f1798f1b0302834c86d9fb200bb7931a47637e6

Analysis

max time kernel
147s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
25-06-2022 21:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Size

943KB
MD5

b0746a1ed7ba403a3a73630f3770994d
SHA1

c8e888c078ccc512b714c8a79f46b988c94bf8f8
SHA256

9ff3c1a1c7b4ad59622c37e03f1798f1b0302834c86d9fb200bb7931a47637e6
SHA512

1adaa2c87778d4e7bc2bf5a5651430e8e64da99f1c24af081f30cc0666c379b0eb43f25364cdd88ac17e6f4548ce9e11f73b04f3ca025044b225f4f72b5fd142

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 25 IoCs

Processes:

9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe

description	pid	process
Token: SeDebugPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: 33	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
Token: SeIncBasePriorityPrivilege	4704	9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe

C:\Users\Admin\AppData\Local\Temp\9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe
"C:\Users\Admin\AppData\Local\Temp\9FF3C1A1C7B4AD59622C37E03F1798F1B0302834C86D9.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4704-130-0x0000000000EC0000-0x0000000000FB2000-memory.dmp

Filesize
968KB

Download
memory/4704-131-0x0000000007CC0000-0x0000000007D5C000-memory.dmp

Filesize
624KB

Download
memory/4704-132-0x0000000006150000-0x00000000066F4000-memory.dmp

Filesize
5.6MB

Download
memory/4704-133-0x0000000005D30000-0x0000000005DC2000-memory.dmp

Filesize
584KB

Download
memory/4704-134-0x0000000005CA0000-0x0000000005CAA000-memory.dmp

Filesize
40KB

Download