Overview

overview

3

Static

static

3

cg/adamsat...ss.exe

windows7-x64

1

cg/adamsat...ss.exe

windows10-2004-x64

1

cg/adamsat...ci.bat

windows7-x64

cg/adamsat...ci.bat

windows10-2004-x64

cg/adamsat...ci.bat

windows7-x64

cg/adamsat...ci.bat

windows10-2004-x64

cg/secsvc.dll

windows7-x64

1

cg/secsvc.dll

windows10-2004-x64

1

cg/svckutils.exe

windows7-x64

1

cg/svckutils.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    84s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2024, 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cg/adamsatmayiz/bypass.exe

  • Size

    1.1MB

  • MD5

    6edf619d475fb5868d3edea5e6d9e9dc

  • SHA1

    9ed9915d8e7368be786cb25f086da3e29e8c6373

  • SHA256

    ac75f6afacf5441632130b05c5f49341c4f5be209fc5e666d0061f0e8e3667c3

  • SHA512

    50192cef4cade4701099e5bf0adb51dfade9dc1bd798347aca65bc22e01e28066dc3bba93beb7cee75f177ee17a9792200d4322b67a2dbe950f3f75425b84012

  • SSDEEP

    24576:/wZvK+KSjPfA6K/V7bwZRWcYmWJFv5G0t5PMDkN:1+Kr/lw1iFvPED

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cg\adamsatmayiz\bypass.exe
    "C:\Users\Admin\AppData\Local\Temp\cg\adamsatmayiz\bypass.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads