Analysis
max time kernel: 80s
max time network: 50s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 23-11-2022 07:57
Static task: static1
Behavioral task: behavioral1
Sample: Adobe Photoshop CS5.exe
Resource: win7-20220901-en, windows7-x64
1 signatures
600 seconds
General
Target: Adobe Photoshop CS5.exe
Size: 60.9MB
MD5: 2021050ec9cc6cd5f06c379b1b7b8330
SHA1: e049c7bf91b2353aea42350ac2d424498a95b52c
SHA256: 1662a5feb829cb863e81a9d97cf2842375448cc5c3ad2ad89b10cda72f52f846
SHA512: dba80683c28f72d922dfbb0124bd5e7bbc9c25e45b4429f80ec8a12d308cfdf2b3f961392f9d1f50706f2ce7726fd5e780e6797f9119c2d5708cadcbc683c432
SSDEEP: 786432:7mNKkrSNtU2I9X83eCdX/huxc7s3s5xhL7ONvK2V17ZVw/gCLsWdFUXe4v0:70HSMv9X8/dP6EK8hWNPYgCLRy30
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (4 IoCs)
Processes: AUDIODG.EXE

description                          pid   process
Token: 33                            980   AUDIODG.EXE
Token: SeIncBasePriorityPrivilege    980   AUDIODG.EXE
Token: 33                            980   AUDIODG.EXE
Token: SeIncBasePriorityPrivilege    980   AUDIODG.EXE
Processes
- C:\Users\Admin\AppData\Local\Temp\Adobe Photoshop CS5.exe
  "C:\Users\Admin\AppData\Local\Temp\Adobe Photoshop CS5.exe"
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
- C:\Windows\system32\AUDIODG.EXE
  C:\Windows\system32\AUDIODG.EXE 0x508
  - Suspicious use of AdjustPrivilegeToken