c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
26/01/2025, 16:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
Size

1.2MB
MD5

df84c2dcc44fe1921cbd786b92eebad2
SHA1

394b05dd67cdb65d8874abb1b9818fc008e8260f
SHA256

c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da
SHA512

4c205af89a031d738e1247e787e208fce2c068d8ebb7a83da3b5657cdb3ed2ed9a2c2fced22781ea8fcfd93d32d3726122a07db68c62542aeff43c99e2dff992
SSDEEP

24576:osIV0SK7h5Yy4rxUMhWpOlZAb6utlJVdeeWIguOL+4nDS2bJ7l:oR0V49USWz6ZfjL+4lV7l

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2792	c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe

C:\Users\Admin\AppData\Local\Temp\c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe
"C:\Users\Admin\AppData\Local\Temp\c8030bd70bda093948c8ad6e6b18d9872c9972ae4f55c7806afaba0e120541da.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2792-0-0x000007FEF6353000-0x000007FEF6354000-memory.dmp

Filesize
4KB

Download
memory/2792-1-0x0000000002180000-0x00000000021C8000-memory.dmp

Filesize
288KB

Download
memory/2792-2-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-3-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-4-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-5-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-10-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-9-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-29-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-30-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-31-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-32-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-33-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download
memory/2792-34-0x000007FEF6350000-0x000007FEF6D3C000-memory.dmp

Filesize
9.9MB

Download