740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759

Analysis

max time kernel
146s
max time network
155s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
03/10/2023, 14:21

Target

740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759(1).exe
Size

315KB
MD5

754a0ca3356a8f76909cd9c5c41234d5
SHA1

c3d9d52316b071f0db5ca9cd6999bfc06141795b
SHA256

740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759
SHA512

d1fdc37b367dd2dba4cb75021299c12c22064b40d48ba6250568727b565e73c7bbe03691bb0b288dc0b588679d6d9408bf7ff7bb60a69b26e41cf69c4c78fbe5
SSDEEP

6144:K3B4ZXBhCirEL5BH46Zk16P9R8G1jqJ6TVKSK:K3BghvrELPH46ZAKjoQES

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3020	740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759(1).exe

C:\Users\Admin\AppData\Local\Temp\740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759(1).exe
"C:\Users\Admin\AppData\Local\Temp\740253f7075ea5e09021a78ff868d9c90931210aa12e2da91b60f1ea7380f759(1).exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3020

memory/3020-0-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download
memory/3020-1-0x0000000000E60000-0x0000000000EB6000-memory.dmp

Filesize
344KB

Download
memory/3020-2-0x0000000004870000-0x00000000048B0000-memory.dmp

Filesize
256KB

Download
memory/3020-3-0x00000000008E0000-0x00000000008EA000-memory.dmp

Filesize
40KB

Download
memory/3020-4-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download
memory/3020-5-0x0000000004870000-0x00000000048B0000-memory.dmp

Filesize
256KB

Download