eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06

Analysis

max time kernel
45s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
05-12-2022 08:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06.exe
Size

262KB
MD5

a73f3be56aa803bbe585787c11a5b612
SHA1

00aee3acd8563fd24f94f8a75124408e74a18f4c
SHA256

eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06
SHA512

42d9d7cd637411f85073457eebebd2c0a7d7defca941fbd8ec2fa62173079f892b7923022e601d8e3f5c640ad763c570aa0a49e7c1c11e2b9df9101d73fe8328
SSDEEP

3072:PRyEC2Oi8NXC797F8TBfFvj4bq5737OQfragYsMfZ8qYnpAbz7JEp1ydT08EDwGW:PXC2F8NXC796TB9vj483TfMONngJxgg

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2032	eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06.exe

C:\Users\Admin\AppData\Local\Temp\eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06.exe
"C:\Users\Admin\AppData\Local\Temp\eb2771213a7fef19978ec91671282e47ec826327ffb5c4c3fde30f6725f0ec06.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2032

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
1⤵
PID:1268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-54-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-57-0x00000000766D1000-0x00000000766D3000-memory.dmp

Filesize
8KB

Download
memory/2032-58-0x0000000074E10000-0x00000000753BB000-memory.dmp

Filesize
5.7MB

Download
memory/2032-59-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-64-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-63-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-62-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-61-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-60-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-71-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-70-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-69-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-68-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-67-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-72-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-78-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-81-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-83-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-88-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-90-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-94-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-95-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-96-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-100-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-101-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-104-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-105-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-107-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-110-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-112-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-111-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-109-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-108-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-106-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-118-0x0000000000674000-0x0000000000677000-memory.dmp

Filesize
12KB

Download
memory/2032-117-0x000000000067B000-0x0000000000680000-memory.dmp

Filesize
20KB

Download
memory/2032-116-0x000000000067B000-0x0000000000680000-memory.dmp

Filesize
20KB

Download
memory/2032-115-0x0000000000674000-0x0000000000677000-memory.dmp

Filesize
12KB

Download
memory/2032-114-0x0000000000674000-0x0000000000677000-memory.dmp

Filesize
12KB

Download
memory/2032-113-0x0000000000674000-0x0000000000677000-memory.dmp

Filesize
12KB

Download
memory/2032-103-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-102-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-99-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-98-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-97-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-93-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-92-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-91-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-89-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-87-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-86-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-85-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-84-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-82-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-80-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-79-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-77-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-76-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-74-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-75-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-73-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-66-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-65-0x0000000000320000-0x0000000000352000-memory.dmp

Filesize
200KB

Download
memory/2032-119-0x0000000001F86000-0x0000000001F97000-memory.dmp

Filesize
68KB

Download
memory/2032-120-0x0000000074E10000-0x00000000753BB000-memory.dmp

Filesize
5.7MB

Download
memory/2032-121-0x0000000001F86000-0x0000000001F97000-memory.dmp

Filesize
68KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads