998709df716b9a097b34ed83531129fbf044c0785096a7f4df187d06f1b831b5

Analysis

max time kernel
135s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2023, 21:14

Target

MinecraftInstaller.exe
Size

32.0MB
MD5

24b3de3538133086e007899bce1a9f4d
SHA1

584bed740c7d119b3fdca99dc8652979b70e3716
SHA256

998709df716b9a097b34ed83531129fbf044c0785096a7f4df187d06f1b831b5
SHA512

ff0bb03da6a6cc5eb63b15a706779f27bc05f06fb9c3d27d72cc6a187e2d2d39f4e31ff39f8a44785b138903173301c7c6c3f74bc564fdb7b2386d77c7cdcf05
SSDEEP

393216:1bekuyo9nMK50UGRXLePuq2ZWy/c5zFviMKe2OHmwv9CsTmsueFFza9yJ:8Zn/G4Gqk1cWe2iTVCMue3L

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3340	MinecraftInstaller.exe

C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3340

memory/3340-133-0x0000000000900000-0x00000000028FC000-memory.dmp

Filesize
32.0MB

Download
memory/3340-134-0x0000000004CE0000-0x0000000004CF0000-memory.dmp

Filesize
64KB

Download
memory/3340-136-0x00000000082A0000-0x00000000082A8000-memory.dmp

Filesize
32KB

Download
memory/3340-138-0x0000000004CE0000-0x0000000004CF0000-memory.dmp

Filesize
64KB

Download
memory/3340-139-0x000000000B120000-0x000000000B128000-memory.dmp

Filesize
32KB

Download
memory/3340-140-0x000000000B740000-0x000000000B778000-memory.dmp

Filesize
224KB

Download
memory/3340-141-0x000000000B1F0000-0x000000000B1FE000-memory.dmp

Filesize
56KB

Download
memory/3340-142-0x0000000004CE0000-0x0000000004CF0000-memory.dmp

Filesize
64KB

Download
memory/3340-143-0x0000000004CE0000-0x0000000004CF0000-memory.dmp

Filesize
64KB

Download
memory/3340-144-0x0000000004CE0000-0x0000000004CF0000-memory.dmp

Filesize
64KB

Download