20328ae2248b1291043b251ff13a32b8c90318b99301d3b81ea424acb953c854

Analysis

max time kernel
28s
max time network
30s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
11-05-2023 23:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7245c6a258e8b4f80cf7274081c5f76e9be5a8907a23b86e6d26cc3f26f30591.exe
Size

192KB
MD5

f41d65dcf54cceb66a5feebabb3003bb
SHA1

2562236cd5ee3f6dc22b61ff6db7824911552e0c
SHA256

7245c6a258e8b4f80cf7274081c5f76e9be5a8907a23b86e6d26cc3f26f30591
SHA512

8fb4c49c7b115960a441f83ee8f2843c2a3c6f10a7a1ee4ebae56e43fc9f2e09bd806a6ff6e3829302be949d2949195cde3175e7e871c299670ae3c0be530761
SSDEEP

3072:hDKW1LgppLRHMY0TBfJvjcTp5XZVzP3rGiOHn9Op3:hDKW1Lgbdl0TBBvjc/ZVzP3ydOx

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	924	7245c6a258e8b4f80cf7274081c5f76e9be5a8907a23b86e6d26cc3f26f30591.exe

C:\Users\Admin\AppData\Local\Temp\7245c6a258e8b4f80cf7274081c5f76e9be5a8907a23b86e6d26cc3f26f30591.exe
"C:\Users\Admin\AppData\Local\Temp\7245c6a258e8b4f80cf7274081c5f76e9be5a8907a23b86e6d26cc3f26f30591.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/924-54-0x00000000004C0000-0x00000000004E0000-memory.dmp

Filesize
128KB

Download
memory/924-55-0x0000000001E70000-0x0000000001E90000-memory.dmp

Filesize
128KB

Download
memory/924-56-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-57-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-59-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-61-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-63-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-65-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-67-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-69-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-71-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-73-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-75-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-77-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-79-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-81-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-83-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-85-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-87-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-89-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-91-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-93-0x0000000001E70000-0x0000000001E88000-memory.dmp

Filesize
96KB

Download
memory/924-94-0x0000000004960000-0x00000000049A0000-memory.dmp

Filesize
256KB

Download
memory/924-95-0x0000000004960000-0x00000000049A0000-memory.dmp

Filesize
256KB

Download
memory/924-96-0x0000000004960000-0x00000000049A0000-memory.dmp

Filesize
256KB

Download
memory/924-97-0x0000000001F30000-0x0000000001F31000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads