6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e

Analysis

max time kernel
124s
max time network
57s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
18-10-2022 19:30

Target

6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e.exe
Size

3.0MB
MD5

11549de00015d18066d1c1b3d8aa1481
SHA1

e81333eb080641c37d30177fc67d48eea94cf6e1
SHA256

6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e
SHA512

ac2bd89191d6fe3fbb34af10a8bc30170a223c7dd0ae831d92e1834ce281f097b1b18624b5af0cd99fe8d5fb2b18f2d70ea7fd0c78568aa38b6e1cdced629d36
SSDEEP

49152:xPV3JRwnP1qPqHSrPDleo/0ToJttOoC24aFltH//AQku1rmT5ua9QNJkAefaCk:n6sISr1oWtOoC2b9amz7efo

Score

1^/10

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1768	6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	944	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	944	AUDIODG.EXE
Token: 33	944	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	944	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e.exe
"C:\Users\Admin\AppData\Local\Temp\6465583612464b544875ed97634981015ccfbe8c33260ab3dec20564c081327e.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:1768

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0xc8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:944