Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07/10/2022, 22:31

General

  • Target

    71043142D7023244DA9ADDD9AED9C1E7EAD4E99F4204D.exe

  • Size

    32KB

  • MD5

    fac41f4ef6e3c21f79f96fee659fb595

  • SHA1

    75463cf28d7790f85ab6aef703d73b4b82fc3713

  • SHA256

    71043142d7023244da9addd9aed9c1e7ead4e99f4204d566844a5f9ef49fe1ad

  • SHA512

    dfb2b816950583668d68c69f677ee0047201d3fa8dcce7371e8541ada8efcd249faf5d771da9b15867307ee6bd7cd8a65723eacf7cbe11e28ce9aa210a80ea9c

  • SSDEEP

    384:R0bUe5XB4e0XCOzU4GeJWTPtTUFQqz9RObbrN:KT9Buh7DCHbx

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\71043142D7023244DA9ADDD9AED9C1E7EAD4E99F4204D.exe
    "C:\Users\Admin\AppData\Local\Temp\71043142D7023244DA9ADDD9AED9C1E7EAD4E99F4204D.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:4396

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/4396-132-0x00000000753C0000-0x0000000075971000-memory.dmp

          Filesize

          5.7MB

        • memory/4396-133-0x00000000753C0000-0x0000000075971000-memory.dmp

          Filesize

          5.7MB