097c24ae162bd92ddfacc1276aada59fa7d058837c359a3f3a37f2ddc763e841

Analysis

max time kernel
45s
max time network
49s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
17-08-2022 10:33

Target

Launcher.exe
Size

4.6MB
MD5

4612516fca7a6fc9c393a76859d89539
SHA1

4d854c616dca1833ee3bb64befb39676a4cd26c3
SHA256

097c24ae162bd92ddfacc1276aada59fa7d058837c359a3f3a37f2ddc763e841
SHA512

700125943a1e7fca1f161c869cf7553e4462bd770763ad49e3ef1591d77ee521ff635b721af241718413442a5ecf3972981579396fd52472e4a5ddcc89b3e290

Score

1^/10

Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

Launcher.exe

description pid process

Token: 33 1584 Launcher.exe
Token: SeIncBasePriorityPrivilege 1584 Launcher.exe

description	pid	process
Token: 33	1584	Launcher.exe
Token: SeIncBasePriorityPrivilege	1584	Launcher.exe

C:\Users\Admin\AppData\Local\Temp\Launcher.exe
"C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1584

memory/1584-54-0x0000000000400000-0x00000000009F9000-memory.dmp

Filesize
6.0MB

Download
memory/1584-55-0x00000000768F1000-0x00000000768F3000-memory.dmp

Filesize
8KB

Download
memory/1584-56-0x0000000000400000-0x00000000009F9000-memory.dmp

Filesize
6.0MB

Download
memory/1584-57-0x0000000000400000-0x00000000009F9000-memory.dmp

Filesize
6.0MB

Download
memory/1584-58-0x0000000002620000-0x0000000002A8D000-memory.dmp

Filesize
4.4MB

Download
memory/1584-59-0x00000000003F0000-0x00000000003F4000-memory.dmp

Filesize
16KB

Download
memory/1584-60-0x0000000002620000-0x0000000002A8D000-memory.dmp

Filesize
4.4MB

Download