21aa6e142f014f8fd321bbe918432144e682aa20e65629f29ccf482ea48a419d | Triage

Analysis

max time kernel
134s
max time network
152s
platform
windows7_x64
resource
win7-20220414-en
submitted
14-07-2022 08:44

Sharing

Report Analysis Logs

General

Target

9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91.exe
Size

57KB
MD5

1f8ab60652189ea6957eaf626cf0aedc
SHA1

74b68584a1f25710ae897f6d90ab4ad3cad4796f
SHA256

9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91
SHA512

3a525c7e25ddc2afb62c9bd086f8fe2905761828dbd02ff7b68b0d78ca6a2e26631c6704dbe22d06d9e39b73422cfc8e7d1a94ca48e9846683c41dd08540b9e3

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91.exe

description pid process

Token: SeDebugPrivilege 904 9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91.exe

C:\Users\Admin\AppData\Local\Temp\9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91.exe
"C:\Users\Admin\AppData\Local\Temp\9c91d69d00012f20188fa70917be025e23facea44c9f70fad009acc08e497d91.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/904-54-0x00000000009D0000-0x00000000009E4000-memory.dmp

Filesize
80KB

Download
memory/904-55-0x00000000751C1000-0x00000000751C3000-memory.dmp

Filesize
8KB

Download