6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6

Analysis

max time kernel
149s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01/06/2024, 15:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Size

2.6MB
MD5

12a6519f8b447c774eaf36278062308e
SHA1

b783ad26c5ded6cae78a02aa6d8d6eb3885321e8
SHA256

6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6
SHA512

43e9ecc1e6300bf13c1ebb2eccbac911431c3a7609adb5f0df31ab36e743bb6b70c8efd1331fb215bb30c10df360dd2368dccbd97a91d40aa8c805fc8113a0a8
SSDEEP

49152:EPEUIwFWx/n/c1FC2HbX7PEloXY5Hh53r4i:uEh8C27rPElkYf5Z

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: 33	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
Token: SeIncBasePriorityPrivilege	2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
2420	6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe

C:\Users\Admin\AppData\Local\Temp\6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe
"C:\Users\Admin\AppData\Local\Temp\6b9ff1d08b62f04b7358f7a8893d2df4c5951e1b5d3e3858ba0f8ee8bfb488f6.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2420

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads