d3351dfdcaa85cea4092b34fcc93b96636d43d32b6ad338208dcb2c124de1756 | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 02:23

Sharing

Report Analysis Logs

General

Target

prio.dll
Size

12KB
MD5

5daf2ad438e9de7ed5b8f0503921b328
SHA1

308e6f5bf581cda1a9c5a6aba63894e2612870da
SHA256

663d7f9942c012d538ceeb2ae7f6f3af7e33ea4794156624f5739af7d4f70fca
SHA512

2adafcd0479639110661bb51d281242d7fc6be4c81e3f79e4035fa87bb4843bf7a21e852c54bf65fe0e6527497b8c53b7f5083fc89b90ace3ba5afc6a50a055a
SSDEEP

192:qRjUU8gHR8hJ0Y4hrinGLmjCZtJIz0iWOeyowx4z57+L/lY65FD:qgU8gHR2J4h1mjitJIz0PYx4MLlYAh

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2208	rundll32.exe
Token: SeIncBasePriorityPrivilege	2208	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\prio.dll,#1
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads