Analysis

  • max time kernel
    105s
  • max time network
    116s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    13-11-2024 09:59

General

  • Target

    470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe

  • Size

    1.1MB

  • MD5

    0400cc7a99396ddfbb223a9063308401

  • SHA1

    a60c33e80a5043370e00d2319b739399c0cff9e4

  • SHA256

    470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3

  • SHA512

    e8b28964f9317d1d1b47f1dd6d97742d0e56d8c95a97d6da5c6b1502aac1aeed8c3572329addf1b29ab82aecc6324111d3f93341062c296f6df4991656f044d6

  • SSDEEP

    24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKensz+me69Oql1IZAOH:GezaTF8FcNkNdfE0pZ9ozttwIRQVH

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe
    "C:\Users\Admin\AppData\Local\Temp\470c14785d46eadffdb40ad24e42e2054d3061782b864d492dc62e681bc5cfa3.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2728

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2728-0-0x00000000000F0000-0x0000000000100000-memory.dmp

    Filesize

    64KB