9983010483292b460cdc39f5128e5c673abf6c63ccce222b319bedf55978e03e

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24-06-2024 23:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

keygen.exe
Size

44KB
MD5

2aeae65fb13c222a26cd48fa23b9053b
SHA1

cd9725f9d21ff80ee6bec7d66c9aa16d8debd59d
SHA256

2bfa01b8cb6f77ef22f5c321094d3e1c2088a488c11c5b5008c45e1d53319ae2
SHA512

6d5ffefcd6a9b3c3ee223770fdb9cfc586e8b770eb5b07644c35b856b71c3042ae024018b3489cffa74754da48a0b4ad9c1b0b08d8c70249bdc3b566c4bdfd7f
SSDEEP

768:czh+vwHYeNH2B8KBo1vYQcLsshk5WvJMjcVJd4p8CNZuiihRL5SZ/c42UoWwkwS:czqw4uH2BFBAYQZ8BJnVD4p8CNQiivY7

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2504	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2504	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\keygen.exe
"C:\Users\Admin\AppData\Local\Temp\keygen.exe"
1⤵
PID:4488

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4c8 0x2ec
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4488-0-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-1-0x00000000001C0000-0x00000000001C2000-memory.dmp

Filesize
8KB

Download
memory/4488-2-0x00000000004C0000-0x00000000004C1000-memory.dmp

Filesize
4KB

Download
memory/4488-3-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-4-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-5-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-6-0x00000000001C0000-0x00000000001C2000-memory.dmp

Filesize
8KB

Download
memory/4488-7-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-8-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-9-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-10-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-11-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-12-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-13-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-14-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-15-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-16-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-17-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download
memory/4488-18-0x0000000000400000-0x0000000000467000-memory.dmp

Filesize
412KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads