dd2ff7e4cfe8927a2b93cb6f85be0ea7530cd5f5f99612f7dc9a6135f83bee2c

Analysis

max time kernel
93s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/10/2024, 00:55

Target

dd2ff7e4cfe8927a2b93cb6f85be0ea7530cd5f5f99612f7dc9a6135f83bee2c.exe
Size

2.0MB
MD5

1cd17514313416d294739f6a1d4dfdfd
SHA1

5b13bc54360c06a884045c45a9cf57f709699821
SHA256

dd2ff7e4cfe8927a2b93cb6f85be0ea7530cd5f5f99612f7dc9a6135f83bee2c
SHA512

2da1219eb1560724b618e62f90883c714062eeb4313c273249371245ff12ed13e6f0781d6193e50efa0b3ed8260c96010fe5bb8797b467d0aa2c7563bc63588f
SSDEEP

24576:Kzs3yG2Rwd14jK42aMQDJoAOM08/85RkptVIJq8SkQ/7Gb8NLEbeZ:evRwdG2NcOMjUfkptVxlkQ/qoLEw

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\System32\alg.exe	dd2ff7e4cfe8927a2b93cb6f85be0ea7530cd5f5f99612f7dc9a6135f83bee2c.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeTakeOwnershipPrivilege	2612	dd2ff7e4cfe8927a2b93cb6f85be0ea7530cd5f5f99612f7dc9a6135f83bee2c.exe

C:\Users\Admin\AppData\Local\Temp\JavaLauncher.log

Filesize
2KB

MD5
1d5177c064b8eb85acf36c05d32b5cd6

SHA1
0d3d832f934ad6d213dfa851b672eac6aad815e1

SHA256
3cf2cc39e7a8324cb368871be168fdd4c117d47bc0ceef5b090b86e470ae8c1a

SHA512
20627c5ebbc8f0b8ad80847a00241df24dc52daee46a57781e249d6519674c96018374c38c219d916f6d9494d16b162f066d25245b107785338245117cf1c093

Download Submit
memory/2612-0-0x0000000140000000-0x00000001401FC000-memory.dmp

Filesize
2.0MB

Download
memory/2612-1-0x0000000001FF0000-0x0000000002050000-memory.dmp

Filesize
384KB

Download
memory/2612-14-0x0000000001FF0000-0x0000000002050000-memory.dmp

Filesize
384KB

Download
memory/2612-22-0x0000000140000000-0x00000001401FC000-memory.dmp

Filesize
2.0MB

Download