Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
31-01-2023 20:07
General
-
Target
f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271.exe
-
Size
278KB
-
MD5
df336de1aac65e4439ddfd985377cb98
-
SHA1
4eafb9b94142d48dd237f352bd2d02b94af1c3ff
-
SHA256
f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271
-
SHA512
0a719ae9208182695943274a927e38721db1e529071ea8bec67a1c7b408130252185d6f8019e725583e817a806f04c0f512e4838e6919b9fff5881abe906c01d
-
SSDEEP
3072:ojavJBLuA06q250wTMR1k07inWJj4pJPDGNnUR1UbRFTowErT8HwBYy2I647iet3:FLV06qyMRuxWBuCl1FcLrawMTep
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271.exe"C:\Users\Admin\AppData\Local\Temp\f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4400-132-0x0000000002ECD000-0x0000000002EFC000-memory.dmpFilesize
188KB
-
memory/4400-133-0x0000000002E40000-0x0000000002E8B000-memory.dmpFilesize
300KB
-
memory/4400-134-0x0000000007490000-0x0000000007A34000-memory.dmpFilesize
5.6MB
-
memory/4400-135-0x0000000000400000-0x0000000002BAE000-memory.dmpFilesize
39.7MB
-
memory/4400-136-0x0000000007A40000-0x0000000008058000-memory.dmpFilesize
6.1MB
-
memory/4400-137-0x0000000008060000-0x000000000816A000-memory.dmpFilesize
1.0MB
-
memory/4400-138-0x00000000073D0000-0x00000000073E2000-memory.dmpFilesize
72KB
-
memory/4400-139-0x00000000073F0000-0x000000000742C000-memory.dmpFilesize
240KB
-
memory/4400-140-0x0000000002ECD000-0x0000000002EFC000-memory.dmpFilesize
188KB