9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a

Analysis

max time kernel
185s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
05/12/2022, 06:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Size

371KB
MD5

8bf410a6e387ca978a965ad7741dfbb3
SHA1

843adc4f40a400d86537fa360e2ab06c173f08d4
SHA256

9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a
SHA512

1ba8d7fe8f26748071b459160bf6e0c89a89e33391eded905fe200587d1188eadc505d29feaaa5a94b40c0053b05b4555cc6d8f46c546846b3f1ed3b102a75f1
SSDEEP

6144:Lx/5DQgBxVE6z866K0u0jsBLGc4lUqCurzjinzmEUylpC8kTv87IiLYEC:x5DQKxSWaM0QBLGNi7zm/Y/kr87jL2

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 23 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeSecurityPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeTakeOwnershipPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeLoadDriverPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeSystemProfilePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeSystemtimePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeProfSingleProcessPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeIncBasePriorityPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeCreatePagefilePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeBackupPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeRestorePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeShutdownPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeDebugPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeSystemEnvironmentPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeChangeNotifyPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeRemoteShutdownPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeUndockPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeManageVolumePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeImpersonatePrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: SeCreateGlobalPrivilege	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: 33	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: 34	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
Token: 35	1756	9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe

C:\Users\Admin\AppData\Local\Temp\9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe
"C:\Users\Admin\AppData\Local\Temp\9f42d7d0bd0b1e3f66cadbd03b6785fcd0f0173beaaa10ca7356c10f0633ea6a.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1756-54-0x0000000075CF1000-0x0000000075CF3000-memory.dmp

Filesize
8KB

Download
memory/1756-55-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/1756-56-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads