Analysis
-
max time kernel
98s -
max time network
87s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
11/06/2024, 00:09
General
-
Target
advancedrun.exe
-
Size
102KB
-
MD5
a1d50ebe6124584f32de0625475cdb74
-
SHA1
c7c87bc010a7e22c99db83932520a25ddd31b6d2
-
SHA256
dfe303b38ff03d788a4a1c289b7900e17d274fbc7e9ccde43a890fd546de8cd7
-
SHA512
7fab2778ca1d4ef52625b4924ee4ca189ce4b1e5c8efbf5744f2d4ee123fda429325f0d1182e321382cc3a5e2b0c06c5cad3cc9a6ddb5c66c1b418b655ce1cbf
-
SSDEEP
1536:kcTwIYHh1PsR/WmeXFbmEEn6JLhAoDjvwzTWE2jsf+TpyUdDgQ+8iAX:uHh1PsRrs9En6JWWbwzTEjs+Tpy6DvDX
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\advancedrun.exe"C:\Users\Admin\AppData\Local\Temp\advancedrun.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {c82192ee-6cb5-4bc0-9ef0-fb818773790a} -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Users\Admin\AppData\Local\Temp\advancedrun.exe"C:\Users\Admin\AppData\Local\Temp\advancedrun.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
287B
MD5026225b60dda22c571c667fef801a1f2
SHA1d3a42c1264558557755cfc1fb34712ec71f45281
SHA2567f925b24ae310cddeb3a25207e7fa9899598369c8942a596accd4ba2c6da5435
SHA5128ee9c149227b1e347e882edfb72651fbd9558a30fdd0915892c694bac68d80764679cd8b41ffb7e2eb01e1e39ffbf3a4e20c838366c8195e1c37c112a27fd69b