0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989

Analysis

max time kernel
157s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
01-06-2024 18:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Size

2.5MB
MD5

28bd71316e7d0803167726f2872f3bd2
SHA1

2808bf58b47b5d25f94adba0ac0a91894a559d09
SHA256

0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989
SHA512

11131203311cfd50c4b8ab6a6ab7782628b15a7705a4d28746a138ef60bd408beb3de760f4a37c74d9fab3fe2577a652143abc7a44ba3afae4fa90f381d7cc0f
SSDEEP

49152:KHHJHHHIHAZ9mZLmsgl1HBwjqaDexKSVdSO0HHE4G4Sv97GVmk2V+o9p+1f0skD5:KHHJHHHIHAZ9mZLmsgl1HBwjqaDexKSF

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 18 IoCs

description	pid	Process
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: 33	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
Token: SeIncBasePriorityPrivilege	3364	0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe

C:\Users\Admin\AppData\Local\Temp\0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe
"C:\Users\Admin\AppData\Local\Temp\0bdf0b38c0c2afb606a1902db97fcec4bcfa7e12d8d992190d8d114e48fe6989.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3364

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4264 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8
1⤵
PID:2672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3364-0-0x0000000000AF0000-0x0000000000BAA000-memory.dmp

Filesize
744KB

Download
memory/3364-1-0x00000000779E2000-0x00000000779E3000-memory.dmp

Filesize
4KB

Download
memory/3364-2-0x00000000779E3000-0x00000000779E4000-memory.dmp

Filesize
4KB

Download
memory/3364-7-0x0000000000780000-0x0000000000781000-memory.dmp

Filesize
4KB

Download
memory/3364-8-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-11-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-10-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-9-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-12-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-13-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-14-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-17-0x0000000075120000-0x0000000075172000-memory.dmp

Filesize
328KB

Download
memory/3364-19-0x0000000010000000-0x000000001002E000-memory.dmp

Filesize
184KB

Download
memory/3364-20-0x0000000000AF0000-0x0000000000BAA000-memory.dmp

Filesize
744KB

Download
memory/3364-22-0x00000000779E2000-0x00000000779E3000-memory.dmp

Filesize
4KB

Download
memory/3364-23-0x00000000779E3000-0x00000000779E4000-memory.dmp

Filesize
4KB

Download
memory/3364-24-0x0000000002F40000-0x0000000002F86000-memory.dmp

Filesize
280KB

Download
memory/3364-26-0x0000000002F40000-0x0000000002F86000-memory.dmp

Filesize
280KB

Download
memory/3364-25-0x0000000002F40000-0x0000000002F86000-memory.dmp

Filesize
280KB

Download
memory/3364-33-0x0000000002F40000-0x0000000002F86000-memory.dmp

Filesize
280KB

Download
memory/3364-34-0x0000000000780000-0x0000000000781000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads