85160f9b510a645cb24aaaba06bba2fec92b187746bb2884768514ac1540b0d1

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2024 10:53

Target

7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe
Size

1.2MB
MD5

8130faec6e260420f75bd0508aaa9f73
SHA1

706835897990566e0588f2e03fd5bf696f95e1ee
SHA256

7196e2329a273c57604016dd051b7a06292aa25af87c4e342feee3f6d9a6ff45
SHA512

f78d4c595def90bf94273e7faca3c24b175194b46962f85f866d21060dc23250a92dee5f8edeb6e12b0e925a0c9b5693adc1fde17c97f7f757a19ea74715a135
SSDEEP

24576:YP66ihbQczSbkZtBvLAADr6jTyC2Z4lMFba2e:W6NQczSbkGMrod2ZEqbG

Score

1^/10

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	1144	7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe
Token: SeLockMemoryPrivilege	1144	7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe
Token: SeLockMemoryPrivilege	1144	7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe

C:\Users\Admin\AppData\Local\Temp\7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe
"C:\Users\Admin\AppData\Local\Temp\7196E2329A273C57604016DD051B7A06292AA25AF87C4E342FEEE3F6D9A6FF45.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1144