18a29ebd902a52add72e3eecb6a234e221fb91b24ae776394703b2c138beacb1

Resubmissions

25/05/2023, 19:48

25/05/2023, 19:46

25/05/2023, 19:33

25/05/2023, 19:33

25/05/2023, 19:27

max time kernel
129s
max time network
34s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
25/05/2023, 19:27

Target

@lbzvm+s8460+397+6728+591+46 5+6684+ zbdovis+ 2839+8045.pdf
Size

33KB
MD5

d3945d4eab98cf2d48e34cff91a3c843
SHA1

a73d10b005208c06ab772c635d581473dcfeaf20
SHA256

18a29ebd902a52add72e3eecb6a234e221fb91b24ae776394703b2c138beacb1
SHA512

4006351b7b9df138115ed0f4e893cb025c492fcb2f9b6f221eb1ba741be89572cb0ccc4cb8edcd0b5bad93606dc0f53b50d858bb3e648516e85ca5f86c269608
SSDEEP

768:C4/gHYX/wnbFDyzeD1Wkzu30XkLGHj+4R0EzkavINL+xPt1xv:v0YX4nxD0eJXU6+4MqI1aZv

Score

1^/10

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	1656	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1656	AUDIODG.EXE
Token: 33	1656	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1656	AUDIODG.EXE

Suspicious use of SetWindowsHookEx 4 IoCs

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\@lbzvm+s8460+397+6728+591+46 5+6684+ zbdovis+ 2839+8045.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:820

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x514
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1656

memory/820-54-0x00000000011B0000-0x0000000001226000-memory.dmp

Filesize
472KB

Download