4c23f3998894eb0553e85819e4fd09e79528637af83299b71c855080c458926b

Analysis

max time kernel
137s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
18-01-2024 02:50

Target

64479eed58b272457b0ff85cf779d50b.exe
Size

113KB
MD5

64479eed58b272457b0ff85cf779d50b
SHA1

8b19b3a04c4e8799f580753d2ef841a199075106
SHA256

4c23f3998894eb0553e85819e4fd09e79528637af83299b71c855080c458926b
SHA512

7c6066ba6292645d4f99acde8b9cdd32af6fe6d5bf11acaf9d8112419a7bf3f2d5ba8628050fe26713fbecb02d085a9369f4c2579f4918c4e7c5b6bad85e0d9e
SSDEEP

3072:oEwuFhPFzK55Q7UosTyw1Q6DlTJ6v+TizVL+cAmapxVdEcFD/wA:bh+m7zYGzVxyD

Score

1^/10

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	3060	64479eed58b272457b0ff85cf779d50b.exe
Token: SeManageVolumePrivilege	1508	svchost.exe

C:\Users\Admin\AppData\Local\Temp\64479eed58b272457b0ff85cf779d50b.exe
"C:\Users\Admin\AppData\Local\Temp\64479eed58b272457b0ff85cf779d50b.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3060

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:548

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1508

memory/1508-1-0x000001C7BE780000-0x000001C7BE790000-memory.dmp

Filesize
64KB

Download
memory/1508-17-0x000001C7BE880000-0x000001C7BE890000-memory.dmp

Filesize
64KB

Download
memory/1508-33-0x000001C7C6BF0000-0x000001C7C6BF1000-memory.dmp

Filesize
4KB

Download
memory/1508-35-0x000001C7C6C20000-0x000001C7C6C21000-memory.dmp

Filesize
4KB

Download
memory/1508-36-0x000001C7C6C20000-0x000001C7C6C21000-memory.dmp

Filesize
4KB

Download
memory/1508-37-0x000001C7C6D30000-0x000001C7C6D31000-memory.dmp

Filesize
4KB

Download
memory/3060-0-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download