Analysis
-
max time kernel
26s -
max time network
49s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
04-07-2023 22:18
General
-
Target
Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated/dbgsrv/win64_remote64.exe
-
Size
804KB
-
MD5
9613938952c5e2991063309982f2ae58
-
SHA1
aae4c44ec35960f3729142e0b64edac445d29227
-
SHA256
bf229ad6affcd486910c5654e777dc586f7e806d14b1d6613e03dde26359f2cf
-
SHA512
9bc1a6b96d577bf7d5b9157ebf64f281326440a2d9dd678205e446b6af81db9bcfb96f6c86e30c37bef683544743953d8ee46f89a3fbaf9f18cc94579c2ad8a5
-
SSDEEP
24576:RDe8PcYcOoDekAMNHFZ5AXxu8PcXroThr0:JvXvMHFZmXoa+oT
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\dbgsrv\win64_remote64.exe"C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\dbgsrv\win64_remote64.exe"1⤵
- Suspicious use of AdjustPrivilegeToken