0095639b0cf97bf4f3806b8e92488831d75370d1f95339f3076c7e0d84fdf9b1

Analysis

max time kernel
148s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24/12/2023, 22:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

15e200729143fb8ce749e5faede46477.exe
Size

56KB
MD5

15e200729143fb8ce749e5faede46477
SHA1

a7e25b9d420179a35bc82269881770ae34c4eccb
SHA256

0095639b0cf97bf4f3806b8e92488831d75370d1f95339f3076c7e0d84fdf9b1
SHA512

563eec2469498cb54312a62e0ffe2992ac3ee10fe0eb0f62c685ee8eeb8a07887cf67e58707e44966a5cb37bda0613eef4d1e3dfb366a910933399f1262fe161
SSDEEP

768:iAw7urKtSESxOIyOIRAAXTwrZg976eKEv162IxV+a:AKOoslOGoEvRcV+

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 35 IoCs

description	pid	Process
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe
Token: SeSecurityPrivilege	3596	15e200729143fb8ce749e5faede46477.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3596	15e200729143fb8ce749e5faede46477.exe
3596	15e200729143fb8ce749e5faede46477.exe

C:\Users\Admin\AppData\Local\Temp\15e200729143fb8ce749e5faede46477.exe
"C:\Users\Admin\AppData\Local\Temp\15e200729143fb8ce749e5faede46477.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:3596

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads