e1d63e9dc53e889340fed69fd7bc98613ee4276b8334793ad7c4e9fd4f049246 | Triage

Analysis

max time kernel
118s
max time network
133s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
02/11/2023, 13:14

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

test.exe
Size

28KB
MD5

77ab497fc4ca800d9f1c41c0c4a09fdc
SHA1

fcf82a447989a1fc2f0df2832c70dad96945aaa9
SHA256

e1d63e9dc53e889340fed69fd7bc98613ee4276b8334793ad7c4e9fd4f049246
SHA512

d265db6e5d40d104a67710fa6cfc033ee4f5614dfbfcb80824227dcea8f7985d027625a3d4976197b01e9891f60b582154bd4f6c5a4998300991705ffeda5fa9
SSDEEP

384:FKlh+sktxLMiP2MxHAKnKIwZ0lGprL8eD7DjEZNV9Slv2uD:FxBMG2g3ThGnYZRg

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1748	test.exe

C:\Users\Admin\AppData\Local\Temp\test.exe
"C:\Users\Admin\AppData\Local\Temp\test.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1748-0-0x0000000000F70000-0x0000000000F7E000-memory.dmp

Filesize
56KB

Download
memory/1748-1-0x000007FEF5820000-0x000007FEF620C000-memory.dmp

Filesize
9.9MB

Download
memory/1748-2-0x000007FEF5820000-0x000007FEF620C000-memory.dmp

Filesize
9.9MB

Download