aac8e77ba87c0216f16788bd99feb856a09f5f8ee986453c5e0572803d94965c

Analysis

max time kernel
15s
max time network
17s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
06-09-2024 08:42

Target

c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Size

7.6MB
MD5

c3f7af5ab1ab7f8559e631b8ee7c6640
SHA1

c123d716f53ac9d5aa1d8012763d0e796d578cb3
SHA256

aac8e77ba87c0216f16788bd99feb856a09f5f8ee986453c5e0572803d94965c
SHA512

86d2861885956c8dc913a68a8221d226c16736786fe032ff5e7ca8f1de66925225027dd0fb28047e381e942896089e98cb25cd3a9a533a19bb342c6e0cc94b2b
SSDEEP

196608:WLmtW2uzSqCnVOn2nlDizlqi6iOSHFlUZOJvuWBQa8WiL:WCtW2uzMnVOnUDizYiWglUqGphl

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 12 IoCs

Suspicious behavior: EnumeratesProcesses 3 IoCs

Suspicious use of AdjustPrivilegeToken 22 IoCs

description	pid	Process
Token: SeDebugPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeDebugPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeIncreaseQuotaPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeSecurityPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeTakeOwnershipPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeLoadDriverPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeSystemProfilePrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeSystemtimePrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeProfSingleProcessPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeIncBasePriorityPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeCreatePagefilePrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeBackupPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeRestorePrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeShutdownPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeDebugPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeSystemEnvironmentPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeRemoteShutdownPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeUndockPrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: SeManageVolumePrivilege	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: 33	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: 34	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe
Token: 35	2104	c3f7af5ab1ab7f8559e631b8ee7c6640N.exe

memory/2104-0-0x0000000140C75000-0x0000000140EA2000-memory.dmp

Filesize
2.2MB

Download
memory/2104-10-0x0000000077390000-0x0000000077392000-memory.dmp

Filesize
8KB

Download
memory/2104-17-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download
memory/2104-8-0x0000000077390000-0x0000000077392000-memory.dmp

Filesize
8KB

Download
memory/2104-6-0x0000000077390000-0x0000000077392000-memory.dmp

Filesize
8KB

Download
memory/2104-5-0x0000000077380000-0x0000000077382000-memory.dmp

Filesize
8KB

Download
memory/2104-3-0x0000000077380000-0x0000000077382000-memory.dmp

Filesize
8KB

Download
memory/2104-1-0x0000000077380000-0x0000000077382000-memory.dmp

Filesize
8KB

Download
memory/2104-18-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download
memory/2104-16-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download
memory/2104-19-0x0000000140C75000-0x0000000140EA2000-memory.dmp

Filesize
2.2MB

Download
memory/2104-20-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download
memory/2104-21-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download
memory/2104-22-0x0000000140000000-0x0000000141635000-memory.dmp

Filesize
22.2MB

Download