56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01

Resubmissions

22-05-2024 09:09

240522-k4lkhsab83 10

Analysis

max time kernel
148s
max time network
150s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
24-05-2024 01:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Size

48KB
MD5

c6f0d87977bf54aadc230b99a7ff093c
SHA1

542a167dee3830b6b9cdca1110dc83d221a07e0c
SHA256

56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01
SHA512

eeaeb4517152772c253e878c61b064f35ca97e5180191885f39a9dfa9063812338303b0e24da60b72105a797b0cfb54c32bb7e1215f469683ab3fb2d703684a4
SSDEEP

384:+0bUe5XB4e0XuOZeANuiEO0YaHWTgtTUFQqzF8Obbm:vT9ButIguiEYuebm

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes:

56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe

description	pid	process
Token: SeDebugPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: 33	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
Token: SeIncBasePriorityPrivilege	4880	56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe

C:\Users\Admin\AppData\Local\Temp\56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe
"C:\Users\Admin\AppData\Local\Temp\56ab774fedce3b7d6b2264799749708db0fa70cd26e3211abb4850cf78801e01.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4880-0-0x00000000740C1000-0x00000000740C2000-memory.dmp

Filesize
4KB

Download
memory/4880-1-0x00000000740C0000-0x0000000074670000-memory.dmp

Filesize
5.7MB

Download
memory/4880-2-0x00000000740C0000-0x0000000074670000-memory.dmp

Filesize
5.7MB

Download
memory/4880-3-0x00000000740C0000-0x0000000074670000-memory.dmp

Filesize
5.7MB

Download
memory/4880-4-0x00000000740C0000-0x0000000074670000-memory.dmp

Filesize
5.7MB

Download