9eab4747e817d0a9587ce7b75785ce4c200e95843b6165a50ed92420bd44db98

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
15-05-2024 02:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

msedgewebview2.exe
Size

470KB
MD5

83ace4e7111ea672a1deb83a1dc30934
SHA1

33da945e027332d518d1476d853671974219fa42
SHA256

9eab4747e817d0a9587ce7b75785ce4c200e95843b6165a50ed92420bd44db98
SHA512

e5d0a9c66525728e1956e9552c9f73b6430fa5552c320a2f8e8af790d0e03f78db72e2e2e6b866afd6f4826bd3f6f2aeda5ae48428136600767da50d1a683ea2
SSDEEP

6144:cweYW1vWp7gyBgPrecl7AqGKD+OHWkYnQxi1yHPs8d9Ja/Z8o9MLYbEnLS4:clYqq0TeaGa+pkYnkPTd9X1h

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 41 IoCs

description	pid	Process
Token: SeDebugPrivilege	2908	msedgewebview2.exe
Token: SeIncreaseQuotaPrivilege	2908	msedgewebview2.exe
Token: SeSecurityPrivilege	2908	msedgewebview2.exe
Token: SeTakeOwnershipPrivilege	2908	msedgewebview2.exe
Token: SeLoadDriverPrivilege	2908	msedgewebview2.exe
Token: SeSystemProfilePrivilege	2908	msedgewebview2.exe
Token: SeSystemtimePrivilege	2908	msedgewebview2.exe
Token: SeProfSingleProcessPrivilege	2908	msedgewebview2.exe
Token: SeIncBasePriorityPrivilege	2908	msedgewebview2.exe
Token: SeCreatePagefilePrivilege	2908	msedgewebview2.exe
Token: SeBackupPrivilege	2908	msedgewebview2.exe
Token: SeRestorePrivilege	2908	msedgewebview2.exe
Token: SeShutdownPrivilege	2908	msedgewebview2.exe
Token: SeDebugPrivilege	2908	msedgewebview2.exe
Token: SeSystemEnvironmentPrivilege	2908	msedgewebview2.exe
Token: SeRemoteShutdownPrivilege	2908	msedgewebview2.exe
Token: SeUndockPrivilege	2908	msedgewebview2.exe
Token: SeManageVolumePrivilege	2908	msedgewebview2.exe
Token: 33	2908	msedgewebview2.exe
Token: 34	2908	msedgewebview2.exe
Token: 35	2908	msedgewebview2.exe
Token: SeIncreaseQuotaPrivilege	2908	msedgewebview2.exe
Token: SeSecurityPrivilege	2908	msedgewebview2.exe
Token: SeTakeOwnershipPrivilege	2908	msedgewebview2.exe
Token: SeLoadDriverPrivilege	2908	msedgewebview2.exe
Token: SeSystemProfilePrivilege	2908	msedgewebview2.exe
Token: SeSystemtimePrivilege	2908	msedgewebview2.exe
Token: SeProfSingleProcessPrivilege	2908	msedgewebview2.exe
Token: SeIncBasePriorityPrivilege	2908	msedgewebview2.exe
Token: SeCreatePagefilePrivilege	2908	msedgewebview2.exe
Token: SeBackupPrivilege	2908	msedgewebview2.exe
Token: SeRestorePrivilege	2908	msedgewebview2.exe
Token: SeShutdownPrivilege	2908	msedgewebview2.exe
Token: SeDebugPrivilege	2908	msedgewebview2.exe
Token: SeSystemEnvironmentPrivilege	2908	msedgewebview2.exe
Token: SeRemoteShutdownPrivilege	2908	msedgewebview2.exe
Token: SeUndockPrivilege	2908	msedgewebview2.exe
Token: SeManageVolumePrivilege	2908	msedgewebview2.exe
Token: 33	2908	msedgewebview2.exe
Token: 34	2908	msedgewebview2.exe
Token: 35	2908	msedgewebview2.exe

C:\Users\Admin\AppData\Local\Temp\msedgewebview2.exe
"C:\Users\Admin\AppData\Local\Temp\msedgewebview2.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2908-0-0x000007FEF59E3000-0x000007FEF59E4000-memory.dmp

Filesize
4KB

Download
memory/2908-1-0x0000000000E40000-0x0000000000EBC000-memory.dmp

Filesize
496KB

Download
memory/2908-3-0x000007FEF59E0000-0x000007FEF63CC000-memory.dmp

Filesize
9.9MB

Download
memory/2908-4-0x000007FEF59E0000-0x000007FEF63CC000-memory.dmp

Filesize
9.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads