9b09b3142d5d1a87eff28d4ef4846a2fce8109304409011c7c333debfd9de4c5

Analysis

max time kernel
153s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
06/03/2024, 22:10

Target

9b09b3142d5d1a87eff28d4ef4846a2fce8109304409011c7c333debfd9de4c5.exe
Size

1.2MB
MD5

e079e133f7b2024ddc2619b58054cbb4
SHA1

df08d5dac06de0ecca9524a34c21558e6bc35570
SHA256

9b09b3142d5d1a87eff28d4ef4846a2fce8109304409011c7c333debfd9de4c5
SHA512

7a86f5f8e40eafe3da31c3740537ac83c2e710df5fffdd087e44b94e3f44d34d89ea0e4445804555399317f8369b0cee17d8ab9343e2bcae8a2e8c5c71bb3ff4
SSDEEP

24576:8lv3yIUPE1Bubmq3nT6j3/Hofe3y1sInB2COzRq8DvFqt:8lfyIUPE1BuB3uj/P4suIRbDv

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	9b09b3142d5d1a87eff28d4ef4846a2fce8109304409011c7c333debfd9de4c5.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	116	9b09b3142d5d1a87eff28d4ef4846a2fce8109304409011c7c333debfd9de4c5.exe

memory/116-0-0x0000000140000000-0x000000014013A000-memory.dmp

Filesize
1.2MB

Download
memory/116-1-0x0000000000A00000-0x0000000000A60000-memory.dmp

Filesize
384KB

Download
memory/116-7-0x0000000000A00000-0x0000000000A60000-memory.dmp

Filesize
384KB

Download
memory/116-12-0x0000000140000000-0x000000014013A000-memory.dmp

Filesize
1.2MB

Download
memory/116-10-0x0000000000A00000-0x0000000000A60000-memory.dmp

Filesize
384KB

Download