d13c4153216e26f6467c9f0d4db101e3581ea01efd8c0b81bc8033e421880b7e | Triage

Analysis

max time kernel
129s
max time network
142s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
24-05-2023 10:06

Sharing

Report Analysis Logs

General

Target

Wpmfx.exe
Size

32KB
MD5

3ac650fc5320e19c713c51bd475320df
SHA1

6eb96e73372934883b9f3e86583853654ec7515f
SHA256

d13c4153216e26f6467c9f0d4db101e3581ea01efd8c0b81bc8033e421880b7e
SHA512

f35b7c1387085fd918a7565e8b9496c9cd81896f7a3f2567bd7c4d0aadcde0d2621b2afc3f6b6e2f5dce7810dc8d16ad8127764a90c9392efec3fdde6d960a33
SSDEEP

384:cffffff23LjL+LfLqLpL0LjOlL6fE4F/KzDR2crO1g8Pxl5CDBmYd:3X6T2t4jiz2HHpPo/d

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1736	Wpmfx.exe

C:\Users\Admin\AppData\Local\Temp\Wpmfx.exe
"C:\Users\Admin\AppData\Local\Temp\Wpmfx.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1736-54-0x0000000000D70000-0x0000000000D7E000-memory.dmp

Filesize
56KB

Download
memory/1736-55-0x000000001B190000-0x000000001B210000-memory.dmp

Filesize
512KB

Download