f5c138db61e8b2ef7753222e73978887ca5cf1883b8fb64322ad9ad584b42b70

Analysis

max time kernel
5s
max time network
7s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
27/09/2024, 01:46

Target

Ace Combat 7 Skies Unknown v1.0-v20211019 Plus 11 Trainer.exe
Size

786KB
MD5

326492299057da2fa2c12e4563da6c21
SHA1

7a73e0b2039bc4fa024f581b7c40c9350111e6f9
SHA256

7a6944010143b57d4183d7d18ac477531c3161293a4acb87d8d7421b910f7a42
SHA512

1927e1e1459ec28f046ae6333c8ee1d4786bc2ae73215fe2d5082b7b618a37b5b35b61464d00fdc30f0425019c924e5df2a8887500da2aef1c2023a117560c06
SSDEEP

24576:A8thiC7mBSL/FyqHWun6orULeSOwynjDS:BTiCiBk/FZZnhUyNx

Score

1^/10

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4088	Ace Combat 7 Skies Unknown v1.0-v20211019 Plus 11 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\Ace Combat 7 Skies Unknown v1.0-v20211019 Plus 11 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\Ace Combat 7 Skies Unknown v1.0-v20211019 Plus 11 Trainer.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4088

memory/4088-0-0x00007FFC0A253000-0x00007FFC0A255000-memory.dmp

Filesize
8KB

Download
memory/4088-1-0x000001B819C60000-0x000001B819C92000-memory.dmp

Filesize
200KB

Download
memory/4088-2-0x00007FFC0A250000-0x00007FFC0AD11000-memory.dmp

Filesize
10.8MB

Download
memory/4088-3-0x00007FFC0A250000-0x00007FFC0AD11000-memory.dmp

Filesize
10.8MB

Download
memory/4088-4-0x00007FFC0A250000-0x00007FFC0AD11000-memory.dmp

Filesize
10.8MB

Download