bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a

Analysis

max time kernel
47s
max time network
51s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
02-12-2022 01:10

Target

bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a.exe
Size

88KB
MD5

670a4312566496e580115f5a98dce07f
SHA1

21124bfada1dd2e1153ed383c5ee60899108d07b
SHA256

bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a
SHA512

aa6b9badf09b8ca10f48052c3ff980429586b38736ae7b541807ecf11e80a1e0036bdd2a23c21ae07b796090cc8b798f13c5a2daa75be4ec43ee19dd66b4aeb7
SSDEEP

1536:If5t2lmTt7E/2SDsoHc02qyqJnHBJhOfzpZDCLPXSXSo:IBTtI/2fgnEZDCLPXc

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1768	bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a.exe

C:\Users\Admin\AppData\Local\Temp\bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a.exe
"C:\Users\Admin\AppData\Local\Temp\bafeccbecf6313319fc9f3eefce60cceef6403cd44cf912ffa7471b360f5de3a.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1768

memory/1768-54-0x0000000076961000-0x0000000076963000-memory.dmp

Filesize
8KB

Download
memory/1768-55-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download