4cb61e7c5bcb9bb42b09516ca92321e2a184a52eeed3274b850656f44d7b05ee | Triage

Analysis

max time kernel
147s
max time network
150s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
24-10-2022 12:25

Sharing

Report Analysis Logs

General

Target

hesaphareketi-01.exe
Size

105KB
MD5

675c1ffa6c0f559f2336334f7d69b81b
SHA1

07695f1fe96462bd4f6947973078cd0ecd5a80cb
SHA256

4cb61e7c5bcb9bb42b09516ca92321e2a184a52eeed3274b850656f44d7b05ee
SHA512

0c57b2dd63c423ce4755d83424e1964f9d05fc0a2390667b949501aa5e22670d7be647a664f2f18f9645c1165a43491f2c75882854a62cc298051751f7c5e371
SSDEEP

3072:Qvf3+IZ2ByFUQO7JrnQjm7szl7sC7wwx:XIZ2CUvQj9zl7I

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1044	hesaphareketi-01.exe

C:\Users\Admin\AppData\Local\Temp\hesaphareketi-01.exe
"C:\Users\Admin\AppData\Local\Temp\hesaphareketi-01.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1044-54-0x0000000001190000-0x00000000011B0000-memory.dmp

Filesize
128KB

Download
memory/1044-55-0x0000000075071000-0x0000000075073000-memory.dmp

Filesize
8KB

Download