7c7d1c7c6bd33e3b71daedcdfb1229a1655d58f92c828c02bcc33cf3d4f2f9e1 | Triage

Analysis

max time kernel
10s
max time network
8s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2024, 23:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

DrvLdr.exe
Size

500KB
MD5

d3517af851d85103372f10a49747cf7e
SHA1

164e621be2c443609347fd39410f7b198ab3b698
SHA256

7c7d1c7c6bd33e3b71daedcdfb1229a1655d58f92c828c02bcc33cf3d4f2f9e1
SHA512

63a01d828ccee1d5b09a80a3ed86c8f251be0294f136ce0c69d0cd7215cbba2e4babca9f2d7c95840188f090e8f895b8aaec8462b100706427c92342c30e0c26
SSDEEP

6144:TeHy0LXWxxDmyxo0S+rXjnNvDlYBRnQFiwbtcNWVRCu5rpn/NxEb52b:TYLX0BmyxrS+7lmAVRCuRbo

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeSystemEnvironmentPrivilege	2404	DrvLdr.exe

C:\Users\Admin\AppData\Local\Temp\DrvLdr.exe
"C:\Users\Admin\AppData\Local\Temp\DrvLdr.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2404-0-0x0000000140000000-0x000000014007D000-memory.dmp

Filesize
500KB

Download
memory/2404-1-0x0000000140000000-0x000000014007D000-memory.dmp

Filesize
500KB

Download