cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590

Analysis

max time kernel
148s
max time network
148s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
21-05-2024 14:12

Target

cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe
Size

365KB
MD5

fa5cf80a20a6a71712a168c651d2ff02
SHA1

35a289017518dbe98a8d65202fc9e559a7eb06de
SHA256

cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590
SHA512

ed3fd276eb7e6aeb869de5a53672a453bae4198c32f4ececb73056e22d2975a65f3fc7bc569444a216f9b63a7e74fe53a66aa1ffc713f433ec3ccd6744c7cdbe
SSDEEP

6144:j2U0XkaWk18I9g7Upch87rFS2xkuLLcvOMoKQvDWEWS7GV:jqWUh82xkNeLDWE2

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe

description pid process

Token: SeDebugPrivilege 2020 cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe

description	pid	process
Token: SeDebugPrivilege	2020	cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe

C:\Users\Admin\AppData\Local\Temp\cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe
"C:\Users\Admin\AppData\Local\Temp\cae157e91a9e0a4ea660d3650ab18710272f87d440ee2106b652a55e8d927590.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2020

memory/2020-0-0x000000007414E000-0x000000007414F000-memory.dmp

Filesize
4KB

Download
memory/2020-1-0x00000000011B0000-0x000000000120E000-memory.dmp

Filesize
376KB

Download
memory/2020-2-0x0000000074140000-0x000000007482E000-memory.dmp

Filesize
6.9MB

Download
memory/2020-3-0x0000000000310000-0x0000000000318000-memory.dmp

Filesize
32KB

Download
memory/2020-4-0x000000007414E000-0x000000007414F000-memory.dmp

Filesize
4KB

Download
memory/2020-5-0x0000000074140000-0x000000007482E000-memory.dmp

Filesize
6.9MB

Download