b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd | Triage

Resubmissions

23/08/2024, 16:00

240823-tf47dsteqe 6

23/08/2024, 15:32

240823-sy293sseld 4

23/08/2024, 15:18

240823-sp1d5athqk 8

23/08/2024, 14:12

240823-rjcv7sydnd 7

23/08/2024, 02:33

240823-c17dta1cpd 7

23/08/2024, 02:11

240823-cmbpzszelg 4

23/08/2024, 02:00

240823-ce59mazbnh 4

23/08/2024, 01:37

240823-b1992a1dmm 5

23/08/2024, 01:24

240823-bsm5jazhpp 5

23/08/2024, 00:51

240823-a7p21awhld 6

Analysis

max time kernel
126s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2024, 02:11

Sharing

Report Analysis Logs

General

Target

klist.exe
Size

60KB
MD5

3aa443b428cd290bd8415e7fdd5fb82a
SHA1

c8ed8b9741ebe29d924aa911347064362ab6233f
SHA256

430e7845bb559cbab9bea4f87f86b14acdc33f596eed7300a0208c9d0f99829e
SHA512

4cb2aa78719e439c796f8329bd911ca2b72fcbe6e50d050ec00b5346887388acbfc1f0c219b94336b210dc54df28b2d18967cb9b1832f6025f24567c8d4cdd1a
SSDEEP

768:8O2Os77ZkFz+m2JqOBgcxJcWNyjMT2DzdCV4MnXQ8Fci4nsP11VS6mBFm5tSl8:9u7KFi9RXCIyQSwbYLFm5tSl8

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTcbPrivilege	3476	klist.exe

C:\Users\Admin\AppData\Local\Temp\klist.exe
"C:\Users\Admin\AppData\Local\Temp\klist.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads