15c29da20384f4260d6143c87cecd0433deac1c4c604bac977704b24b6927a04 | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 15:19

Sharing

Report Analysis Logs

General

Target

28c9f6f5a5abf744433b382e3c1f75fb.exe
Size

160KB
MD5

28c9f6f5a5abf744433b382e3c1f75fb
SHA1

64d908d0de6115823ff7598ba62f7e7e21d88b53
SHA256

15c29da20384f4260d6143c87cecd0433deac1c4c604bac977704b24b6927a04
SHA512

dce23913ff363eb2cda6036df303d215079a85b9c9456bea9d6a4405c82c1c4b9bfd32a12e4a5a48830eb95d567ce2af8b3b043a84ea1c79c9850e356e8cf360
SSDEEP

3072:+22rJebqxN7J/KSJotZVepkX5n2oY1foA/rG:Cr8qwwS/WG

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1660	28c9f6f5a5abf744433b382e3c1f75fb.exe

C:\Users\Admin\AppData\Local\Temp\28c9f6f5a5abf744433b382e3c1f75fb.exe
"C:\Users\Admin\AppData\Local\Temp\28c9f6f5a5abf744433b382e3c1f75fb.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1660-0-0x0000000000400000-0x0000000000429000-memory.dmp

Filesize
164KB

Download
memory/1660-1-0x0000000000400000-0x0000000000429000-memory.dmp

Filesize
164KB

Download