050f58278757ee0a59bae29427a075263af2562b9f5078c38d35a8254bcf6144

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 12:55

Target

20180ae9ba13269c886d1f19571feb69.exe
Size

345KB
MD5

20180ae9ba13269c886d1f19571feb69
SHA1

0b187d5603f75e65089aeff7207e9a56da68c1b8
SHA256

050f58278757ee0a59bae29427a075263af2562b9f5078c38d35a8254bcf6144
SHA512

3f55af5eb2d84f746184e461f35c936572d2be44ffcfa687910eeb441aa49f4a8af89c923d1d5f690203e2c8ef4c05807ec61d1c2d537cda97cb6e356f11b152
SSDEEP

6144:oujgdRI/91IkY5G68DYo1HI4Sdj696ToC9tVDVWQ7YeTBZO0RQjd3:oBdRIFAGlDY2SkKr7YeTzB+

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3040	20180ae9ba13269c886d1f19571feb69.exe

C:\Users\Admin\AppData\Local\Temp\20180ae9ba13269c886d1f19571feb69.exe
"C:\Users\Admin\AppData\Local\Temp\20180ae9ba13269c886d1f19571feb69.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3040