7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5

Analysis

max time kernel
163s
max time network
178s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23/11/2022, 21:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Size

1.4MB
MD5

dc00db4590b34e88b0e2d4ba53937287
SHA1

341186d869bf6736d80d40e3965e18afb7ba745d
SHA256

7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5
SHA512

ee09b9c6ce640d9c90f40fddc219fb79bee338773bee22dd4379193f3e76fa862ba23aea50da75265ac925fa138312694afd74c08491c1a93c532400dc7ccb00
SSDEEP

24576:ba3W/e+lpSuCVetLJ8Ep2yv5AI/qZT+2fl+PIetD41G5/h7srTr+H:bBlHVCe805vSIyVtYPI84wh72A

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 24 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeSecurityPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeTakeOwnershipPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeLoadDriverPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeSystemProfilePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeSystemtimePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeProfSingleProcessPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeIncBasePriorityPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeCreatePagefilePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeBackupPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeRestorePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeShutdownPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeDebugPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeSystemEnvironmentPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeChangeNotifyPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeRemoteShutdownPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeUndockPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeManageVolumePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeImpersonatePrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: SeCreateGlobalPrivilege	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: 33	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: 34	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: 35	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
Token: 36	4656	7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe

C:\Users\Admin\AppData\Local\Temp\7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe
"C:\Users\Admin\AppData\Local\Temp\7df727694aaa1f769f14bd8efd60a6426608791b1ddd2e0a69ec973c067c2ba5.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4656

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads