2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d

Analysis

max time kernel
122s
max time network
141s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 14:01

Target

2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
Size

1003KB
MD5

94b0f9d07a192760480c035a33086f20
SHA1

e66c7420d5355b28085cbcb8c96cda0e3ac54c0f
SHA256

2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d
SHA512

ce94a1de7f6e8987e0fa65d8bca5d57ada775ba5ba45b5824a9e6b27f49fb585d0bc6be2d3bbc281516073f37e273fa60e9470e14a0f0388527e8c21ba4b85bd
SSDEEP

24576:bmnEZFOzuGNDFfbBPtah53H6luyUguGvzHfJ3WYTxvbM5scC7cs:bmnEZFOzuGNDFf7ahhH6luyUNGzJ3WYV

Score

1^/10

Suspicious use of AdjustPrivilegeToken 5 IoCs

description	pid	Process
Token: SeLockMemoryPrivilege	2776	2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
Token: SeLockMemoryPrivilege	2776	2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
Token: SeLockMemoryPrivilege	2776	2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
Token: SeLockMemoryPrivilege	2776	2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
Token: SeLockMemoryPrivilege	2776	2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe

C:\Users\Admin\AppData\Local\Temp\2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe
"C:\Users\Admin\AppData\Local\Temp\2dd9f1edfc140ff2a873278d38b6b7a06124354a2a9b077b1c0b01c83fe8c26d.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2776