3b49c90ff2571e045cb5fd985b7397b37d7bb83e58729a0b4e44b0e5543135df | Triage

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
22-08-2024 18:23

Sharing

Report Analysis Logs

General

Target

FlashpointInstaller.exe
Size

1.9MB
MD5

fb1935a769f0b313db074240f9471481
SHA1

afb65c7600a3d2acd55caae5992c04f26cffe335
SHA256

3b49c90ff2571e045cb5fd985b7397b37d7bb83e58729a0b4e44b0e5543135df
SHA512

b3a36f7a5ab8a6c27f6e035e14fe166ecc21e070f9ec57b5cbd721e6f2e53d087898f09ec87476792fc965923454cb6494dac48de8aa21249efb3aa84fd69193
SSDEEP

49152:QzL5eKJmNVJsq4+prB0k80WgvnTYanse+PHFaD5Esn:3KE2q4+prBz5TYWsBP4D5EM

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	656	FlashpointInstaller.exe

C:\Users\Admin\AppData\Local\Temp\FlashpointInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\FlashpointInstaller.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/656-0-0x000007FEF5743000-0x000007FEF5744000-memory.dmp

Filesize
4KB

Download
memory/656-1-0x0000000001080000-0x0000000001266000-memory.dmp

Filesize
1.9MB

Download
memory/656-2-0x000007FEF5740000-0x000007FEF612C000-memory.dmp

Filesize
9.9MB

Download
memory/656-3-0x000007FEF5740000-0x000007FEF612C000-memory.dmp

Filesize
9.9MB

Download