Analysis

  • max time kernel
    105s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14-11-2024 00:25

General

  • Target

    2fd18c1b0ce1f2511612686e7911affc12dc2156e8dfae8cddfd46abe2299065.exe

  • Size

    1.8MB

  • MD5

    ea9720ae3cb7803f31133a9f120f5438

  • SHA1

    1e6a95283a20f68a69587f400e81e8ac995793f4

  • SHA256

    2fd18c1b0ce1f2511612686e7911affc12dc2156e8dfae8cddfd46abe2299065

  • SHA512

    414984d696a71fa6194b6c3705f29f712d25500dd204d5c5a205d38104a856f2cdcddf4e2881919b880ed93b5e5c732ce07804f4dca8492bb98341fe27471e37

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9ozttwIRxj4c5yOBZnQbZLoQ6:GemTLkNdfE0pZyT

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2fd18c1b0ce1f2511612686e7911affc12dc2156e8dfae8cddfd46abe2299065.exe
    "C:\Users\Admin\AppData\Local\Temp\2fd18c1b0ce1f2511612686e7911affc12dc2156e8dfae8cddfd46abe2299065.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1808

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1808-0-0x0000026EF1360000-0x0000026EF1370000-memory.dmp

    Filesize

    64KB