9c65a410c58ddd53b45b943250b30b0690c4a3c91105a51052d7a8bdde68516e | Triage

Analysis

max time kernel
30s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
27-11-2022 08:36

Sharing

Report Analysis Logs

General

Target

keygen.exe
Size

40KB
MD5

630517a2239f8422eb3a1f9acc73a4fa
SHA1

9631bb37a67af3fde88b8dcf558aed3bd1536ed0
SHA256

f4485a53000a7bff8c8eccc65f0c8653da86d3ee5bdfd950013b98b1ac6821ec
SHA512

a2f48ed83c294ad03d8a98b5b5b6f5b16304e94d5b05f02fe65fbda4414ae973d7fdf26923a1d3fb8e58f44fb4af71176b1080ae02c3c3b97de874067f55496d
SSDEEP

768:FD3fd6Zaxko90f611er9WaIlg9Gbfp0FT4RgBkJxPI0rY:ZfYZaGoS61Er95I1quReiJE

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	1668	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1668	AUDIODG.EXE
Token: 33	1668	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1668	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\keygen.exe
"C:\Users\Admin\AppData\Local\Temp\keygen.exe"
1⤵
PID:836

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x55c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads