cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6

Analysis

max time kernel
118s
max time network
135s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11-10-2023 23:34

Target

cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
Size

971KB
MD5

4f53da2031dac8fbeaff7399bb5fe900
SHA1

2d40daafcd70c2ea02f0c12ebed98f49d7ff09f3
SHA256

cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6
SHA512

7fc69f7171cc92775d4cc5694448f53406e793190a08f0d14ca37910dc659a20c7ed00d95a6672cfbc48cae568602cd2eda1086315ad29748765c580e2010cc6
SSDEEP

12288:csAfas3qFQ5Z+nlXy+rSevTdoOsWqoWwZRn19xmJcqbJuQpsnVijK:lAfhqG3+nlXyc92ObioSJzbBsnV

Score

1^/10

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeLockMemoryPrivilege	2744	cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
Token: SeLockMemoryPrivilege	2744	cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
Token: SeLockMemoryPrivilege	2744	cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
Token: SeLockMemoryPrivilege	2744	cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
Token: SeLockMemoryPrivilege	2744	cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe

C:\Users\Admin\AppData\Local\Temp\cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe
"C:\Users\Admin\AppData\Local\Temp\cf90cadb9f60c035c150345e20f340e4f44b90ed464075511d77c8dc6ccd69e6.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2744