3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362

Analysis

max time kernel
139s
max time network
149s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
19-02-2024 04:39

Target

3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362.exe
Size

3.7MB
MD5

aa38e14eb074117cba16a0259d741b26
SHA1

198afc7c26a5bc202cc726168c86d44fbf1a8d3b
SHA256

3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362
SHA512

7c3c234e186315aaff4757665fe809a85deb5148c0f5d37b617665b7f335e01d3655b916a4ece52362df21a45b47d9a25de12594f67848eed841c771004bceca
SSDEEP

49152:AqTnFuod3ux4Jsrb/TSvO90d7HjmAFd4A64nsfJSZPoBekC4hewdxMCy5EIg/IDO:9f3jONYEYaB

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2916	3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362.exe

C:\Users\Admin\AppData\Local\Temp\3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362.exe
"C:\Users\Admin\AppData\Local\Temp\3473bb33d1a1b43963c2d14fcb68f64df749393fe30cbd5c801904ce109a7362.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2916