3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 14:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c.exe
Size

1.3MB
MD5

a4cc2450ef7668f0bb678e2a8100af7f
SHA1

d70956a007567c6af2ff7aa000e8092f374a2a3e
SHA256

3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c
SHA512

5e9d227297c34200866253cf838f22928126d88794e0b260d1fcbf482bcdad7ca0022d56ae887b8005b8036dd4a9f373f85df83af5d406d88b021f60a6ecb495
SSDEEP

6144:GqoN+FPeA5iTuggkYzJLAdRL9Je+2h00h00h09zJLAdRbM9aAMaK2+IMxVwO8zJH:GZN+RL5HtaZDe+hta9jK8V/Mt5wK

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	2756	3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c.exe
Token: SeShutdownPrivilege	2756	3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c.exe

C:\Users\Admin\AppData\Local\Temp\3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c.exe
"C:\Users\Admin\AppData\Local\Temp\3e3185efc2f5a997dea4c4c540cd7dae379678bb7d25a769f5a956b1112ace9c.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2756-0-0x000007FEF5A13000-0x000007FEF5A14000-memory.dmp

Filesize
4KB

Download
memory/2756-1-0x0000000000E00000-0x0000000000F44000-memory.dmp

Filesize
1.3MB

Download
memory/2756-2-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-3-0x00000000004F0000-0x000000000050A000-memory.dmp

Filesize
104KB

Download
memory/2756-4-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-5-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-6-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-7-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-8-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-9-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-10-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-11-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-12-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-13-0x000007FEF5A13000-0x000007FEF5A14000-memory.dmp

Filesize
4KB

Download
memory/2756-14-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-16-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-15-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-17-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-18-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-19-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-20-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-21-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download
memory/2756-22-0x000007FEF5A10000-0x000007FEF63FC000-memory.dmp

Filesize
9.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads