Analysis Overview
SHA256
f4055022c94103087ce5fe4ee8493bc11e6fb9c788134fc732aa9ff5d05cb765
Threat Level: Likely benign
The file PG3DInjector.exe was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-12 23:43
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 23:42
Reported
2024-06-12 23:47
Platform
win10v2004-20240508-en
Max time kernel
51s
Max time network
53s
Command Line
Signatures
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\PG3DInjector.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\PG3DInjector.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\PG3DInjector.exe
"C:\Users\Admin\AppData\Local\Temp\PG3DInjector.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding