Analysis
-
max time kernel
353s -
max time network
370s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
27-11-2022 19:03
General
-
Target
a651001136d322283e08a68956eb21ccc97d37a92dbf9635be65d02f340cd825.exe
-
Size
317KB
-
MD5
ab4f815471396e666d7457c15d2071cb
-
SHA1
6170fc8ae933254ba5676504ddaf745e923729b1
-
SHA256
a651001136d322283e08a68956eb21ccc97d37a92dbf9635be65d02f340cd825
-
SHA512
df9716310b6312deca57c206f06b18921082dd8476fc6b29f88bde3583f4422133222ba3e55148e2bef9731057287abc3278e6edf1f32e0ed4f2507094991dda
-
SSDEEP
6144:UrSLhL3leQViOgaGeaNUeorzhrNuFmkCvLiXZnMOn:UrSlj0QkONoUeo3VNSm7vLqr
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a651001136d322283e08a68956eb21ccc97d37a92dbf9635be65d02f340cd825.exe"C:\Users\Admin\AppData\Local\Temp\a651001136d322283e08a68956eb21ccc97d37a92dbf9635be65d02f340cd825.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1736-132-0x00000000006EE000-0x000000000071F000-memory.dmpFilesize
196KB
-
memory/1736-133-0x0000000002400000-0x000000000243E000-memory.dmpFilesize
248KB
-
memory/1736-134-0x0000000000400000-0x000000000066D000-memory.dmpFilesize
2.4MB
-
memory/1736-135-0x0000000000400000-0x000000000066D000-memory.dmpFilesize
2.4MB
-
memory/1736-136-0x0000000004E60000-0x0000000005404000-memory.dmpFilesize
5.6MB
-
memory/1736-137-0x0000000000AE0000-0x0000000000B72000-memory.dmpFilesize
584KB