3d5c016ded8af42241a278854c40414fc57dfc9b27751aaa92a25d6b8a187e0d

Analysis

max time kernel
149s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
17-05-2023 09:52

Target

Adobe Premiere Pro Crack/Set-up.exe
Size

1021.2MB
MD5

20bb576a3863d7d4de2e69ab113b58de
SHA1

be884fa3b406d031fbfefd2307314447d16f3aa6
SHA256

0136126495313b29e1726a57684dbd5ac282f4acc804c6ed7d39cfc319edbdf4
SHA512

6228ad98edbec74203efc41d3943e30b084bcee640b6e372fb04f63c72fed1d966b75d4a74429c9744c41c44efbf363c6a12f6d0b82f2cb58c5a3b562feffb7b
SSDEEP

12288:CPqHB7etS1aWOvxVU5VA+oHVdvrD02kFpGaHk/R+HLYlEgyUQ8D0FDIhtUShMMsf:CsBGS1X7mIFpRHkgydtQ8DswY7B9/Ql

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1416	Set-up.exe
1416	Set-up.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1416	Set-up.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1416 wrote to memory of 632	1416	Set-up.exe	84
PID 1416 wrote to memory of 632	1416	Set-up.exe	84
PID 1416 wrote to memory of 632	1416	Set-up.exe	84

C:\Users\Admin\AppData\Local\Temp\Adobe Premiere Pro Crack\Set-up.exe
"C:\Users\Admin\AppData\Local\Temp\Adobe Premiere Pro Crack\Set-up.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:1416
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
  2⤵
  PID:632

memory/1416-133-0x0000000000020000-0x0000000000264000-memory.dmp

Filesize
2.3MB

Download