8301df07153ccbc7c1955f2d5efa1a6ed9cf60881c1f2e74f538b315646f8c30

Analysis

max time kernel
16s
max time network
17s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
22/08/2024, 05:08 UTC

Target

Vape.exe
Size

11.3MB
MD5

7b60adfd3c8713955436035786b8ae2b
SHA1

3f23151f73f93e0b5220c72152dee51918781245
SHA256

8301df07153ccbc7c1955f2d5efa1a6ed9cf60881c1f2e74f538b315646f8c30
SHA512

393dbccba78c9116c1787a287c3c0a2596aec9c1d21e88ea15ae0c173dfe3dde4f51753525e2d64375110c0588d74fcf40e4941de4997cc6b8cff98165a6902b
SSDEEP

98304:lmhbCXnfpOfKEmZH0H/Ubovn/JgMLRskwJatZUCYSP1EUHZy6004CXV5tAAzb+cf:EbsxygH8/znhLRs3MfjP19+kXvD+4

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1432	Vape.exe

C:\Users\Admin\AppData\Local\Temp\Vape.exe
"C:\Users\Admin\AppData\Local\Temp\Vape.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1432

memory/1432-0-0x000000013F130000-0x000000013FC97000-memory.dmp

Filesize
11.4MB

Download
memory/1432-1-0x000000013F130000-0x000000013FC97000-memory.dmp

Filesize
11.4MB

Download