e41491e0e5f83b43948fb6688113af954e297e7b2ed86218d41b18efd16c3c22

Analysis

max time kernel
181s
max time network
187s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 00:43

Target

Serain19092023_nueva_transferencia.exe
Size

266KB
MD5

3d738359c71ad6b24964a471b8355e26
SHA1

9325341513eff4e8d72d8227786d1ae74063a787
SHA256

53746744b5f43d51db44aedd46b836b253593e99e88e409116a28f58f4208e61
SHA512

06e06a9761be1bb97864038f02288b9ef65f417e4f8834246642aaa209ff9af6a2f8c41249d87914fbfcad5d68bdd288a41ade3bd41015edbcd3bb4d48aa978a
SSDEEP

6144:ODKW1Lgbdl0TBBvjc/nnl6wKF6vAyXI/Euvj5:Ih1Lk70TnvjcfnlGKrXI/d

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1016	Serain19092023_nueva_transferencia.exe

C:\Users\Admin\AppData\Local\Temp\Serain19092023_nueva_transferencia.exe
"C:\Users\Admin\AppData\Local\Temp\Serain19092023_nueva_transferencia.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1016

memory/1016-0-0x0000000002470000-0x00000000024B4000-memory.dmp

Filesize
272KB

Download
memory/1016-1-0x0000000074D80000-0x0000000075530000-memory.dmp

Filesize
7.7MB

Download
memory/1016-2-0x0000000004AF0000-0x0000000004B00000-memory.dmp

Filesize
64KB

Download
memory/1016-3-0x0000000004AF0000-0x0000000004B00000-memory.dmp

Filesize
64KB

Download
memory/1016-4-0x0000000004AF0000-0x0000000004B00000-memory.dmp

Filesize
64KB

Download
memory/1016-5-0x0000000004B00000-0x00000000050A4000-memory.dmp

Filesize
5.6MB

Download
memory/1016-6-0x0000000002670000-0x00000000026B0000-memory.dmp

Filesize
256KB

Download
memory/1016-7-0x0000000004AF0000-0x0000000004B00000-memory.dmp

Filesize
64KB

Download
memory/1016-8-0x0000000005DE0000-0x0000000005E72000-memory.dmp

Filesize
584KB

Download
memory/1016-10-0x0000000074D80000-0x0000000075530000-memory.dmp

Filesize
7.7MB

Download