19012c229ebe20187fc88d36b6568a26aa205236e203ec0ca5d67d037ad9ac24

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
17-06-2024 18:26

Target

GreenLuma.2020.Manager/GL2020 Updater.exe
Size

10KB
MD5

deddc893c4d6a5856bb060f50aa5fbad
SHA1

f827c25786936ed37c4464049ec96993853d620f
SHA256

ec2eb4b3ee023fcc776dc04878edbed48d546073b63056bf693d4c0842e76325
SHA512

c3983d18c665a9788425eec6496a0cea99b1cedd60af89b0d09cd75885bef5105f15bfac71636761386d520d839c4f1bb489735b4c2656e637d8770b8bf5d4bb
SSDEEP

192:lpb//5Idhzj9CtTii9aNtQaQr+kEfsDAayTHVyUap5fiLV9qg:v//azG9aNtTkEffFwU8qVX

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

GL2020 Updater.exe

description pid process

Token: SeDebugPrivilege 2124 GL2020 Updater.exe

description	pid	process
Token: SeDebugPrivilege	2124	GL2020 Updater.exe

C:\Users\Admin\AppData\Local\Temp\GreenLuma.2020.Manager\GL2020 Updater.exe
"C:\Users\Admin\AppData\Local\Temp\GreenLuma.2020.Manager\GL2020 Updater.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2124

memory/2124-0-0x0000000000910000-0x000000000091A000-memory.dmp

Filesize
40KB

Download
memory/2124-1-0x0000000000920000-0x00000000009D2000-memory.dmp

Filesize
712KB

Download