3adb9e20420c73dc91e19761fc736182704ea01dcac83ad2b16ce11b69881b04 | Triage

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06/01/2024, 04:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

454f7f8cd2a67aa0799921465c83201a.exe
Size

95KB
MD5

454f7f8cd2a67aa0799921465c83201a
SHA1

4bb01040ea8b554b70accde571a1b8cd8ebd7e19
SHA256

3adb9e20420c73dc91e19761fc736182704ea01dcac83ad2b16ce11b69881b04
SHA512

4257490be306ec26bc44227dd222128ededbcbf912bdb2a33c234565c5f9567c659efed5cc2e8ea6d1492d17e81cb8d63d98777378d2d2eaa60fec1c7b78ffb6
SSDEEP

1536:PSyBYEed/msEQM/iYl6n5jRcdRaeiUpbe:TBXedEQ8tYoRXE

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3016	454f7f8cd2a67aa0799921465c83201a.exe

C:\Users\Admin\AppData\Local\Temp\454f7f8cd2a67aa0799921465c83201a.exe
"C:\Users\Admin\AppData\Local\Temp\454f7f8cd2a67aa0799921465c83201a.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3016-0-0x0000000000250000-0x000000000026E000-memory.dmp

Filesize
120KB

Download
memory/3016-1-0x0000000074E30000-0x000000007551E000-memory.dmp

Filesize
6.9MB

Download
memory/3016-3-0x0000000000470000-0x0000000000570000-memory.dmp

Filesize
1024KB

Download
memory/3016-4-0x0000000074E30000-0x000000007551E000-memory.dmp

Filesize
6.9MB

Download