856bdf33cc81ffff8d23799e11e64cd92a221857dd902054da267499204884d3

Analysis

max time kernel
143s
max time network
148s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
23/03/2023, 01:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Size

43KB
MD5

0fe9db2d2771eeec1f3596dc025453cc
SHA1

1ee2f8c16efff031352c11c22b908fd6f94a0fae
SHA256

45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55
SHA512

6450b2ceab97484611c7322170194230d53977d29d926a54016c1c49bfd89d0a70c9c85d50e371e602a9b0bd7f2677e8af3ce93bb26807a3ec8a893907177365
SSDEEP

384:DZyk04i9jTk7Vqb08yGLws3esM9tGHJIhYb69D9O5UE5QzwBlpJNakkjh/TzF7p:t7Y5A8Y5Gksu9snvQO+P4+L

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe

Suspicious use of AdjustPrivilegeToken 23 IoCs

description	pid	Process
Token: SeDebugPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: 33	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
Token: SeIncBasePriorityPrivilege	1048	45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe

C:\Users\Admin\AppData\Local\Temp\45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe
"C:\Users\Admin\AppData\Local\Temp\45a62f1029038d019e1949acfa94d281e14db00b1a2b344b8dbb0676dd2c4f55.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
PID:1048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1048-54-0x0000000000460000-0x00000000004A0000-memory.dmp

Filesize
256KB

Download
memory/1048-55-0x0000000000460000-0x00000000004A0000-memory.dmp

Filesize
256KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads