5589723f2d4de74c2d7f852e61daceb76cb27b626db150740a78c28d6d7fb812 | Triage

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 18:54

Sharing

Report Analysis Logs

General

Target

3601a99edf010757f8c1ec77e8a8acf6.exe
Size

293KB
MD5

3601a99edf010757f8c1ec77e8a8acf6
SHA1

2954f5e4e539f5fa3d4c63b295cb998a6e5c31e4
SHA256

5589723f2d4de74c2d7f852e61daceb76cb27b626db150740a78c28d6d7fb812
SHA512

3cd09108c65072a6b4c34db88cbf260bb3a5dfceebd5b035ff55aa3a3e7b733346b3092369b03929a3d7f2fcfe6f523761429854b9b303720d118082b19548bf
SSDEEP

6144:BGC6dLOK8ehb1QOQEVbpMVxpEalNoTXivI5Xc:4C6EK8ehb1QOQ4bMeXiQc

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 10 IoCs

description	pid	Process
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe
Token: SeDebugPrivilege	2184	3601a99edf010757f8c1ec77e8a8acf6.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2184	3601a99edf010757f8c1ec77e8a8acf6.exe

C:\Users\Admin\AppData\Local\Temp\3601a99edf010757f8c1ec77e8a8acf6.exe
"C:\Users\Admin\AppData\Local\Temp\3601a99edf010757f8c1ec77e8a8acf6.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads