7d9b64d5370a4213977f6a05a0a5e2a4198d1f65b7a01edba3f9191639702fbb

Analysis

max time kernel
148s
max time network
140s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
02-09-2023 10:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Size

78KB
MD5

11f51103b0503a907f2fe737effcba23
SHA1

5519cd0e85228fbc49bc1a14a24785435b184ca4
SHA256

7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7
SHA512

541cd78f3f0aa511aaebcae15cac44f1d1c446162b6f56aee6cb62b5d408acbedf5a587bbedd2cc58d4b0c99f671b7e68a56248064b4ee4f97138f9fffd94a17
SSDEEP

1536:gt6+6Y9yhU19DppS5wpOk3JCK6pFNmXd6fOpd/9nEh9TGKJYR:nhU19QwpOk5CK6XO/9ESKJY

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 35 IoCs

Processes:

7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe

description	pid	process
Token: SeDebugPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: 33	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
Token: SeIncBasePriorityPrivilege	2792	7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe

C:\Users\Admin\AppData\Local\Temp\7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe
"C:\Users\Admin\AppData\Local\Temp\7598961daa8affac4886d4aface1b5cbae1500e386ac42cafca7fc3d9ae5f6c7.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2792-0-0x0000000074030000-0x00000000745DB000-memory.dmp

Filesize
5.7MB

Download
memory/2792-1-0x0000000074030000-0x00000000745DB000-memory.dmp

Filesize
5.7MB

Download
memory/2792-2-0x00000000004C0000-0x0000000000500000-memory.dmp

Filesize
256KB

Download
memory/2792-3-0x0000000074030000-0x00000000745DB000-memory.dmp

Filesize
5.7MB

Download
memory/2792-4-0x0000000074030000-0x00000000745DB000-memory.dmp

Filesize
5.7MB

Download
memory/2792-5-0x00000000004C0000-0x0000000000500000-memory.dmp

Filesize
256KB

Download