aa01b61e797f3bd5baedb4e7f8133247514af0c8385de101e33d081f863b3194

Analysis

max time kernel
95s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2023 02:05

Target

68b119d0c8e3bd0c0d72e4f1cca7bf78.exe
Size

38.1MB
MD5

68b119d0c8e3bd0c0d72e4f1cca7bf78
SHA1

0270ddf5a8de7ebfd881e3efe416e7f050e10f3b
SHA256

aa01b61e797f3bd5baedb4e7f8133247514af0c8385de101e33d081f863b3194
SHA512

3a74102bffbffa7d11cccfe7cf63ff2022cf320ac810a7703a18eea8865f721e33c90b642405bcb67459c4534d384259c0dfea54f2062ea6e610029bfc4af736
SSDEEP

786432:BHFbz9TK5pnE1Y684f1dS4PEJFTERfvMYG1aEytK5pZnxgE1YVz92auotQ:79TK51Ei8f1dS4PEPMcYcvytK5zn+EiA

Score

1^/10

Modifies Control Panel 1 IoCs

evasion

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000\Control Panel\Colors	68b119d0c8e3bd0c0d72e4f1cca7bf78.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4052	68b119d0c8e3bd0c0d72e4f1cca7bf78.exe

memory/4052-0-0x00007FFF94250000-0x00007FFF9474E000-memory.dmp

Filesize
5.0MB

Download
memory/4052-1-0x00007FFF94250000-0x00007FFF9474E000-memory.dmp

Filesize
5.0MB

Download