1132f94ead2ecd99a219680da469d2b34da266b31a6a34aeb3fbc3dd3ea07b14

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
05/08/2023, 15:02

Target

tmp.exe
Size

299KB
MD5

b45100547afcf04161ad8d89607c91e1
SHA1

5fec8b07c5d6cc111aea5040ecc5722bcb3dbd0f
SHA256

1132f94ead2ecd99a219680da469d2b34da266b31a6a34aeb3fbc3dd3ea07b14
SHA512

99df51045411b4a94d97fd9649bac1997a727fb73509d1d611790440b0d577d8d3443b9d5ca05be647116d87f6c762ef287af7c15383771b2f0e6e7d268bea09
SSDEEP

6144:ii603WckymOm2AujVhi2CBqs6xeyAVOHooSmqN3SvKUaGu9rAGu9r+v:r1Zk8BLFsdUmpSvKUSuMv

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1076	tmp.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1076	tmp.exe

memory/1076-54-0x0000000000980000-0x00000000009D0000-memory.dmp

Filesize
320KB

Download
memory/1076-55-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

Filesize
9.9MB

Download
memory/1076-56-0x000000001B1F0000-0x000000001B270000-memory.dmp

Filesize
512KB

Download
memory/1076-57-0x000000001B1F0000-0x000000001B270000-memory.dmp

Filesize
512KB

Download
memory/1076-58-0x000000001B1F0000-0x000000001B270000-memory.dmp

Filesize
512KB

Download
memory/1076-59-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

Filesize
9.9MB

Download
memory/1076-60-0x000000001B1F0000-0x000000001B270000-memory.dmp

Filesize
512KB

Download