36e65da4fdc760a3268c45133db5b563a9b86d96e1278942da524816a0c4dacc

Analysis

max time kernel
145s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
12/02/2024, 22:51

Target

97d055e474911c04afd0e97694aab1d1.exe
Size

652KB
MD5

97d055e474911c04afd0e97694aab1d1
SHA1

2321136087ac71bbc7bbbd7170252c316f50b2a4
SHA256

36e65da4fdc760a3268c45133db5b563a9b86d96e1278942da524816a0c4dacc
SHA512

c4869d0a425ec61a38cb5ecfa744358fa4e1ffbe4b6f49b3c03983c17131c2983cdb9fb4c5df9c0b6e1d0edc289f116a49ca955a817172ea0f3aa195fc6c6d9a
SSDEEP

12288:pVbQFyGqdiCV1OtuyZ3FKrHs3E5t5Kz3HbonyyCA4i6iNNYI++lR0:pAyNgCfwuyZ3FKrHs3E5tMLUyyBz6tP

Score

1^/10

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	5380	97d055e474911c04afd0e97694aab1d1.exe
Token: SeLoadDriverPrivilege	5380	97d055e474911c04afd0e97694aab1d1.exe

C:\Users\Admin\AppData\Local\Temp\97d055e474911c04afd0e97694aab1d1.exe
"C:\Users\Admin\AppData\Local\Temp\97d055e474911c04afd0e97694aab1d1.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5380