23e77f2c18b58527ae74350c18646574d07df7393b3a9d289b5a1b2e1572d041

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 22:01

Target

3ec2b79875b85920326523cd66b4b3a5.exe
Size

289KB
MD5

3ec2b79875b85920326523cd66b4b3a5
SHA1

cf4cd12f8344eaaff40df40b31b4e46c2c028189
SHA256

23e77f2c18b58527ae74350c18646574d07df7393b3a9d289b5a1b2e1572d041
SHA512

9e3bf315aae6fdba129cfb00644d903d525cd5b8a29814c868c2b801c3af38b4893cb9764eea55f691ac2540ec24ab0583a66e1eb82abc58af9bc7dac947c8d7
SSDEEP

6144:PUi0aRHUY1vjapGWCNp/G2H+tv0TBZvEKuJv:si0aRHUAjapGWCNp/G2H+tv0TPBuJv

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4624	3ec2b79875b85920326523cd66b4b3a5.exe

C:\Users\Admin\AppData\Local\Temp\3ec2b79875b85920326523cd66b4b3a5.exe
"C:\Users\Admin\AppData\Local\Temp\3ec2b79875b85920326523cd66b4b3a5.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4624