619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4

Analysis

max time kernel
141s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230831-en
resource tags

arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
submitted
01/09/2023, 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Size

1.4MB
MD5

5c84df9ec80bd216c6809a9021bf5563
SHA1

91e5395181351f009d0d3d9a7600897a62cea308
SHA256

619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4
SHA512

fc5bb5f6bbff32e49b291d5afd869872c64a4b2e70be0c67fb58ff5bbe2d113b4ab62b326e6765a53c9b6b7a06df3ebc8acf99dcafa0e923911da7c899b2e037
SSDEEP

24576:PzKfoXJe4KNA4NtCC08WVT4CHBIZ/+S640Q5sXX:LC4YtC6WuChC+SAQk

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 49 IoCs

description	pid	Process
Token: SeDebugPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 1	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeCreateTokenPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeAssignPrimaryTokenPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeLockMemoryPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeIncreaseQuotaPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeMachineAccountPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeTcbPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeSecurityPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeTakeOwnershipPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeLoadDriverPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeSystemProfilePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeSystemtimePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeProfSingleProcessPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeIncBasePriorityPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeCreatePagefilePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeCreatePermanentPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeBackupPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeRestorePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeShutdownPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeDebugPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeAuditPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeSystemEnvironmentPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeChangeNotifyPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeRemoteShutdownPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeUndockPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeSyncAgentPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeEnableDelegationPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeManageVolumePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeImpersonatePrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: SeCreateGlobalPrivilege	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 31	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 32	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 33	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 34	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 35	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 36	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 37	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 38	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 39	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 40	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 41	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 42	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 43	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 44	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 45	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 46	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 47	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
Token: 48	4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
4864	619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe

C:\Users\Admin\AppData\Local\Temp\619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe
"C:\Users\Admin\AppData\Local\Temp\619f5721969519b4cd79b35926acefadcd7701960aa9bd49d680d890bead63a4.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4864-0-0x0000000010000000-0x000000001003C000-memory.dmp

Filesize
240KB

Download
memory/4864-7-0x0000000010000000-0x000000001003C000-memory.dmp

Filesize
240KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads