6e1cb1460de88e0bcbde5311f3aefa519f2cf0b5591cd52b595da0ecff11757b

Analysis

max time kernel
15s
max time network
18s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
03-08-2024 00:00

Target

compiler.exe
Size

203KB
MD5

1cae1b582de53b1c7070e0f0f2881a5f
SHA1

0f866a227e55c57eabcb7a5830e93a9a0c44a35b
SHA256

6e1cb1460de88e0bcbde5311f3aefa519f2cf0b5591cd52b595da0ecff11757b
SHA512

79136993a9f8efce66f79c2dd4135f44890eb66e1c9fb297de9525064c733039c46b0c6a62169b0054843ffa53867b6e31b0ff787b2290bbba282fe0b6e4850e
SSDEEP

3072:hnvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+I:hva5TMRXs0IKiBDbZt4Ggn77+ez3U8

Score

1^/10

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	2764	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2764	AUDIODG.EXE
Token: 33	2764	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2764	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\compiler.exe
"C:\Users\Admin\AppData\Local\Temp\compiler.exe"
1⤵
PID:2432

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x5d4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2764