Analysis
max time kernel: 150s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 23/02/2024, 22:59
Behavioral task: behavioral1
Sample: a08fd72b86df0fa9b00dad61810ca714.exe
Resource: win7-20240221-en
2 signatures
150 seconds
General
Target: a08fd72b86df0fa9b00dad61810ca714.exe
Size: 647KB
MD5: a08fd72b86df0fa9b00dad61810ca714
SHA1: c3f10ea5e9964c42123f9b86ec625448d314db3d
SHA256: 448bc3c1b2a6ffe10c444213375290d9081240182d505e9d64171f126bf5b059
SHA512: 07c879a5e979abbde49647c433bf372a3240adaf9aa5724becf4245966d26cc1819aa0df4070e18594b03905bb88e00ddc66a3010cba96ea6bb49212799faf0d
SSDEEP: 12288:86A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhjv:RAmBpVKHu0Mu9Xo20VGLVP5jv
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 23 IoCs
description                          pid   Process
Token: SeIncreaseQuotaPrivilege      1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSecurityPrivilege           1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeTakeOwnershipPrivilege      1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeLoadDriverPrivilege         1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemProfilePrivilege      1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemtimePrivilege         1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeProfSingleProcessPrivilege  1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeIncBasePriorityPrivilege    1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeCreatePagefilePrivilege     1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeBackupPrivilege             1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeRestorePrivilege            1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeShutdownPrivilege           1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeDebugPrivilege              1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemEnvironmentPrivilege  1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeChangeNotifyPrivilege       1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeRemoteShutdownPrivilege     1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeUndockPrivilege             1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeManageVolumePrivilege       1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeImpersonatePrivilege        1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeCreateGlobalPrivilege       1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 33                            1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 34                            1352  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 35                            1352  a08fd72b86df0fa9b00dad61810ca714.exe