Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-11-2024 10:26

General

  • Target

    36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe

  • Size

    1.4MB

  • MD5

    0dad94d47db62e1b3bb51816c86452ba

  • SHA1

    f9705f7a2ff88c0acd7bd0dd0344d244ceae0096

  • SHA256

    36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c

  • SHA512

    348151d5d0fedc0d6c30ac0edb6e8e5ce6540b5a47fdd602c61c3a283bc51bdd9cc03532bc59c0a05669ce3d04503c46d7fa119e20f37c00ceeed29dfe9a3da2

  • SSDEEP

    24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbpwlKenszaDw4B/Os/IsSAN0z3Zk:GezaTF8FcNkNdfE0pZ9ozttwIRakGNrV

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe
    "C:\Users\Admin\AppData\Local\Temp\36b5d86e92e7af9fc97024939e0ce865a9892719a61022a6127c67fd21b41b0c.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2012-0-0x00000000001F0000-0x0000000000200000-memory.dmp

    Filesize

    64KB