85926bd7352721aa38780ab3d3b39900e64f4d9265f1ec4cca55a43fbe04bbd6 | Triage

Analysis

max time kernel
92s
max time network
97s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
30-03-2023 18:44

Sharing

Report Analysis Logs

General

Target

task2.exe
Size

100KB
MD5

67db7ebc0fa26da1d8dba01f0c177c84
SHA1

9189146065d2e113d865fdb6e612414efd3e08f3
SHA256

85926bd7352721aa38780ab3d3b39900e64f4d9265f1ec4cca55a43fbe04bbd6
SHA512

827efb5b2373b071bced3e09388bf2418598e142692a7c63ac6dec312cc339f687993dfe1cb9f88881aa57ddae92e571c3ae925ef67fcbd32a0c1735378923e2
SSDEEP

3072:3lI56bYi8UKMzZ61hTXWSu1BAszJOLg0YVQHgbcC5:Kw58IQTXqBAi1cC5

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	1064	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1064	AUDIODG.EXE
Token: 33	1064	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1064	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\task2.exe
"C:\Users\Admin\AppData\Local\Temp\task2.exe"
1⤵
PID:2044

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:1880

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4fc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads