93d6077f341f0a0c87c24e2107bf546d533e2017b3ec29bd61ce9aac44c07a82

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
15/05/2024, 00:33

Target

93d6077f341f0a0c87c24e2107bf546d533e2017b3ec29bd61ce9aac44c07a82.exe
Size

849KB
MD5

263a53d202b985198376fac4cf1f1e89
SHA1

17d486dfc7aefb702374c359fc4b822a9a8b254c
SHA256

93d6077f341f0a0c87c24e2107bf546d533e2017b3ec29bd61ce9aac44c07a82
SHA512

57a90f9de0b78e769dd99d6228c22d0f93cf10d7152cab3bce474755c002f6ec5ec3804fec6e84ec4173a727ccee75e94f79e32a4a576cea8a7462c2b122bff3
SSDEEP

24576:E1vk1agfkfgaIfwIx0Hofe3y1sInB2COzRq8DvFqt:1MfgaIfwUqP4suIRbDv

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	93d6077f341f0a0c87c24e2107bf546d533e2017b3ec29bd61ce9aac44c07a82.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2228	93d6077f341f0a0c87c24e2107bf546d533e2017b3ec29bd61ce9aac44c07a82.exe

memory/2228-0-0x0000000000400000-0x00000000004DA000-memory.dmp

Filesize
872KB

Download
memory/2228-1-0x0000000001D60000-0x0000000001DC7000-memory.dmp

Filesize
412KB

Download
memory/2228-7-0x0000000001D60000-0x0000000001DC7000-memory.dmp

Filesize
412KB

Download
memory/2228-6-0x0000000001D60000-0x0000000001DC7000-memory.dmp

Filesize
412KB

Download
memory/2228-12-0x0000000000400000-0x00000000004DA000-memory.dmp

Filesize
872KB

Download