38d2e347456afed0ef9f7691d4d60210706abdcf8e60a64e1e737074b3c59146

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 15:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

78f59a1c639625eee5e0845fe68d34e0.exe
Size

44KB
MD5

78f59a1c639625eee5e0845fe68d34e0
SHA1

7162147bfbf4da781ae75cb88ca68df6187f5a5b
SHA256

38d2e347456afed0ef9f7691d4d60210706abdcf8e60a64e1e737074b3c59146
SHA512

9e0383239e3de5b3e25a4c49ae4dfff5d675160c12128ad0eb782ca5ce7c6819742921c9d7325be331b47e1c1a63b223db5ff3b5504386b486f3b02169cb16c2
SSDEEP

384:JuSXMBwzNTw8RPiRkpEaNQOXlWuBMosenkulvTtLbIaWTNm61bWHNeLm+HXg9:DVJTwQckW09x9lrtATNm8MNeKkg9

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 28 IoCs

description	pid	Process
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: 33	540	78f59a1c639625eee5e0845fe68d34e0.exe
Token: SeIncBasePriorityPrivilege	540	78f59a1c639625eee5e0845fe68d34e0.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
540	78f59a1c639625eee5e0845fe68d34e0.exe
540	78f59a1c639625eee5e0845fe68d34e0.exe

C:\Users\Admin\AppData\Local\Temp\78f59a1c639625eee5e0845fe68d34e0.exe
"C:\Users\Admin\AppData\Local\Temp\78f59a1c639625eee5e0845fe68d34e0.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:540

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads