Analysis
- max time kernel: 150s
- max time network: 158s
- platform: windows10-2004_x64
- resource: win10v2004-20240221-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240221-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 23/02/2024, 22:59
Behavioral task: behavioral1
- Sample: a08fd72b86df0fa9b00dad61810ca714.exe
- Resource: win7-20240221-en
- 2 signatures
- 150 seconds
General
- Target: a08fd72b86df0fa9b00dad61810ca714.exe
- Size: 647KB
- MD5: a08fd72b86df0fa9b00dad61810ca714
- SHA1: c3f10ea5e9964c42123f9b86ec625448d314db3d
- SHA256: 448bc3c1b2a6ffe10c444213375290d9081240182d505e9d64171f126bf5b059
- SHA512: 07c879a5e979abbde49647c433bf372a3240adaf9aa5724becf4245966d26cc1819aa0df4070e18594b03905bb88e00ddc66a3010cba96ea6bb49212799faf0d
- SSDEEP: 12288:86A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhjv:RAmBpVKHu0Mu9Xo20VGLVP5jv
Malware Config
Signatures
- Suspicious use of AdjustPrivilegeToken (24 IoCs)

description                            pid   Process
Token: SeIncreaseQuotaPrivilege        3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSecurityPrivilege             3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeTakeOwnershipPrivilege        3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeLoadDriverPrivilege           3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemProfilePrivilege        3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemtimePrivilege           3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeProfSingleProcessPrivilege    3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeIncBasePriorityPrivilege      3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeCreatePagefilePrivilege       3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeBackupPrivilege               3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeRestorePrivilege              3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeShutdownPrivilege             3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeDebugPrivilege                3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeSystemEnvironmentPrivilege    3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeChangeNotifyPrivilege         3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeRemoteShutdownPrivilege       3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeUndockPrivilege               3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeManageVolumePrivilege         3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeImpersonatePrivilege          3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: SeCreateGlobalPrivilege         3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 33                              3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 34                              3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 35                              3228  a08fd72b86df0fa9b00dad61810ca714.exe
Token: 36                              3228  a08fd72b86df0fa9b00dad61810ca714.exe