63a895c7257de0443375370d4c06d2aa220d08e4e0e53cd652feb52be94627ca

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/02/2024, 04:58

Target

988877557c83104d57fb72fec68e6ba1.exe
Size

6KB
MD5

988877557c83104d57fb72fec68e6ba1
SHA1

eea55db4b2b4ae504e9ec9d7a1a59d4ef11c8cbd
SHA256

63a895c7257de0443375370d4c06d2aa220d08e4e0e53cd652feb52be94627ca
SHA512

f4c85b29ed330381daecf5080097a888bf33e7814a9e5933c5bac61dbef7f78be17aff7cdd3a58efaf1311bde5258a5c4d88622bd732a1a44353a18c6bedf033
SSDEEP

96:YcbQ3X91GINnBJf0SPdOfAFdVut/a0xJ/rc2glOfSqQXcUaF0a:YcbINnBnFOfA3VE/aWglO3IG

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2476	988877557c83104d57fb72fec68e6ba1.exe

C:\Users\Admin\AppData\Local\Temp\988877557c83104d57fb72fec68e6ba1.exe
"C:\Users\Admin\AppData\Local\Temp\988877557c83104d57fb72fec68e6ba1.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2476

memory/2476-0-0x00000000012D0000-0x00000000012D8000-memory.dmp

Filesize
32KB

Download
memory/2476-1-0x00000000745D0000-0x0000000074CBE000-memory.dmp

Filesize
6.9MB

Download
memory/2476-2-0x0000000004C50000-0x0000000004C90000-memory.dmp

Filesize
256KB

Download
memory/2476-3-0x00000000745D0000-0x0000000074CBE000-memory.dmp

Filesize
6.9MB

Download
memory/2476-4-0x0000000004C50000-0x0000000004C90000-memory.dmp

Filesize
256KB

Download
memory/2476-5-0x00000000745D0000-0x0000000074CBE000-memory.dmp

Filesize
6.9MB

Download