23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2024, 02:09

Target

23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5.exe
Size

34KB
MD5

b1ad8358baf4e879f8b639bb37900c43
SHA1

a71c8bfa576177535de7f23e05210dd4aeab369f
SHA256

23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5
SHA512

ed0c15b4d42737e50f44ce973143db3ea0367ed8665da26ae405493d1f6245ff43b6205a79c83171f9c9d3433e3b77285c24ce539d84fc7114dd6d09d9898bd2
SSDEEP

768:+DfjzHwpLs1vLL9Eh4Iu1/CTPQGjnI1JWE0/ay:+TjzHwpLsZREhDByWE0/ay

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2976	23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5.exe

C:\Users\Admin\AppData\Local\Temp\23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5.exe
"C:\Users\Admin\AppData\Local\Temp\23fb58e4ba4119044805c37bbc7fdf2bc69b48964fc1a5008308958dfc10e1e5.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2976

memory/2976-0-0x0000000000490000-0x000000000049E000-memory.dmp

Filesize
56KB

Download
memory/2976-1-0x0000000075330000-0x0000000075AE0000-memory.dmp

Filesize
7.7MB

Download
memory/2976-2-0x0000000004E60000-0x0000000004E70000-memory.dmp

Filesize
64KB

Download
memory/2976-3-0x0000000075330000-0x0000000075AE0000-memory.dmp

Filesize
7.7MB

Download
memory/2976-4-0x0000000004E60000-0x0000000004E70000-memory.dmp

Filesize
64KB

Download