909984d4f2202d99d247b645c2089b014a835d5fe138ccd868a7fc87000d5ba1

Resubmissions

28/08/2023, 10:16

02/07/2023, 12:41

max time kernel
132s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
02/07/2023, 12:41

Target

236535-KB824105-x86-ENUex.exe
Size

214KB
MD5

70bd663276c9498dca435d8e8daa8729
SHA1

9350c1c65d8584ad39b04f6f50154dd8c476c5b4
SHA256

909984d4f2202d99d247b645c2089b014a835d5fe138ccd868a7fc87000d5ba1
SHA512

03323ffe850955b46563d735a97f926fdf435afc00ddf8475d7ab277a92e9276ab0b5e82c38d5633d6e9958b147c188348e93aa55fb4f10c6a6725b49234f47f
SSDEEP

3072:ENvZ8Nl+vbHzA6xo+zF6rgoGKOgeTH0PftL55uiFWzPVlCmL2u4fFsu:CvaNovbMbZUoGFTCnFW+ouf2

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	5084	236535-KB824105-x86-ENUex.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 5084 wrote to memory of 4792	5084	236535-KB824105-x86-ENUex.exe	85
PID 5084 wrote to memory of 4792	5084	236535-KB824105-x86-ENUex.exe	85
PID 5084 wrote to memory of 4792	5084	236535-KB824105-x86-ENUex.exe	85
PID 4792 wrote to memory of 3664	4792	cmd.exe	87
PID 4792 wrote to memory of 3664	4792	cmd.exe	87
PID 4792 wrote to memory of 3664	4792	cmd.exe	87

memory/5084-133-0x0000000000220000-0x000000000025C000-memory.dmp

Filesize
240KB

Download
memory/5084-134-0x0000000005270000-0x0000000005814000-memory.dmp

Filesize
5.6MB

Download
memory/5084-135-0x0000000004C10000-0x0000000004CA2000-memory.dmp

Filesize
584KB

Download
memory/5084-136-0x0000000004CC0000-0x0000000004CCA000-memory.dmp

Filesize
40KB

Download
memory/5084-137-0x0000000004E60000-0x0000000004E70000-memory.dmp

Filesize
64KB

Download
memory/5084-138-0x0000000007C40000-0x000000000816C000-memory.dmp

Filesize
5.2MB

Download
memory/5084-139-0x0000000004E60000-0x0000000004E70000-memory.dmp

Filesize
64KB

Download