400debff42246bcf28d1eba937480ebdfa755c932707db10ab58ec4a1f5e94f1

Submit
Reports

Overview

overview

Static

static

01a53007f9...68.exe

windows7_x64

01a53007f9...68.exe

windows10_x64

022e3c30a1...66.exe

windows7_x64

022e3c30a1...66.exe

windows10_x64

02ca2b5bb7...35.exe

windows7_x64

02ca2b5bb7...35.exe

windows10_x64

0d69cafe70...cd.exe

windows7_x64

0d69cafe70...cd.exe

windows10_x64

0df647f0a2...bc.exe

windows7_x64

0df647f0a2...bc.exe

windows10_x64

1df367eead...2c.exe

windows7_x64

1df367eead...2c.exe

windows10_x64

1e083736ae...33.exe

windows7_x64

1e083736ae...33.exe

windows10_x64

1e662d9025...7d.exe

windows7_x64

1e662d9025...7d.exe

windows10_x64

2010009ff5...59.exe

windows7_x64

2010009ff5...59.exe

windows10_x64

243379992d...93.exe

windows7_x64

243379992d...93.exe

windows10_x64

2d63a14e4a...1a.exe

windows7_x64

2d63a14e4a...1a.exe

windows10_x64

30e6815ae0...51.exe

windows7_x64

30e6815ae0...51.exe

windows10_x64

364d3b0e94...fa.exe

windows7_x64

364d3b0e94...fa.exe

windows10_x64

3a4e2dfbd7...00.exe

windows7_x64

3a4e2dfbd7...00.exe

windows10_x64

4a4a606501...75.exe

windows7_x64

4a4a606501...75.exe

windows10_x64

4d89b00768...c0.exe

windows7_x64

4d89b00768...c0.exe

windows10_x64

Resubmissions

10-11-2021 14:52

211110-r84p8aedej 10

09-11-2021 13:19

211109-qkrv3sfcg4 10

Analysis

max time kernel
204s
max time network
225s
platform
windows10_x64
resource
win10-en-20211014
submitted
09-11-2021 13:19

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

01a53007f9b19d8ae4f12cc75bafcbef064f75d3a4b31b347b334a2d30558d68.exe

Resource

win7-en-20211104

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

01a53007f9b19d8ae4f12cc75bafcbef064f75d3a4b31b347b334a2d30558d68.exe

Resource

win10-en-20211104

redline smokeloader ani media12 she aspackv2 backdoor infostealer spyware stealer themida trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

022e3c30a1504fde93e24b2206f804a923ee9785e4db81a166939a1e7b928b66.exe

Resource

win7-en-20211014

evasion spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

022e3c30a1504fde93e24b2206f804a923ee9785e4db81a166939a1e7b928b66.exe

Resource

win10-en-20211104

arkei gozi_ifsb redline socelars vidar xloader 20kinstallov 937 leyla01 s0iw banker evasion infostealer loader rat spyware stealer themida trojan vmprotect

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

02ca2b5bb774890c50950ad93becc2851bac8d04c35464dad4854088c5db4135.exe

Resource

win7-en-20211014

redline smokeloader socelars ani she aspackv2 backdoor discovery evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

02ca2b5bb774890c50950ad93becc2851bac8d04c35464dad4854088c5db4135.exe

Resource

win10-en-20211104

redline smokeloader socelars ani she aspackv2 backdoor infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

0d69cafe700a952a621c9b5981504e30c939c3d6cc34452691fce67b2eb6c1cd.exe

Resource

win7-en-20211104

redline smokeloader socelars she aspackv2 backdoor discovery evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

0d69cafe700a952a621c9b5981504e30c939c3d6cc34452691fce67b2eb6c1cd.exe

Resource

win10-en-20211014

redline smokeloader socelars vidar 937 ani she aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

0df647f0a2aa6c1aa1ec9426b9ef7c23eb6394f3ed29fbbdd0e9e228d24510bc.exe

Resource

win7-en-20211104

raccoon redline smokeloader socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 aspackv2 backdoor evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

0df647f0a2aa6c1aa1ec9426b9ef7c23eb6394f3ed29fbbdd0e9e228d24510bc.exe

Resource

win10-en-20211014

raccoon redline smokeloader socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 fucker2 media18 aspackv2 backdoor evasion infostealer stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

1df367eead22695952cce5131891dfec5c479da37cb3dac0403015ebb785032c.exe

Resource

win7-en-20211104

raccoon redline socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 fucker2 aspackv2 infostealer stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

1df367eead22695952cce5131891dfec5c479da37cb3dac0403015ebb785032c.exe

Resource

win10-en-20211014

arkei raccoon redline smokeloader socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 fucker2 media18 aspackv2 backdoor evasion infostealer stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

1e083736aeca35b40f45693442d37466fa7b61ab36b2cebc2a49cb8c8492a433.exe

Resource

win7-en-20211104

redline socelars vidar 916 ani media17 aspackv2 infostealer stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

1e083736aeca35b40f45693442d37466fa7b61ab36b2cebc2a49cb8c8492a433.exe

Resource

win10-en-20211104

redline smokeloader socelars vidar 916 937 ani media17 aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

1e662d90254c17f35d76a81e33caff9c356d590244b00583c3bdb837a683607d.exe

Resource

win7-en-20211014

raccoon redline smokeloader socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 fuck1 aspackv2 backdoor infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

1e662d90254c17f35d76a81e33caff9c356d590244b00583c3bdb837a683607d.exe

Resource

win10-en-20211104

raccoon redline smokeloader socelars vidar 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 916 fuck1 media18 aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

2010009ff5b8b55fbcaa90318461a1b5b69ef6c8fd32ac279e81a10844d57859.exe

Resource

win7-en-20211014

redline smokeloader media13 she aspackv2 backdoor evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

2010009ff5b8b55fbcaa90318461a1b5b69ef6c8fd32ac279e81a10844d57859.exe

Resource

win10-en-20211104

redline smokeloader socelars ani she aspackv2 backdoor infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

243379992d4692a9058e9964696513a2f84e03759c6d5b3b737685bf9bf65493.exe

Resource

win7-en-20211014

raccoon redline smokeloader socelars 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 media18 aspackv2 backdoor evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

243379992d4692a9058e9964696513a2f84e03759c6d5b3b737685bf9bf65493.exe

Resource

win10-en-20211104

raccoon redline socelars vidar xloader 2f2ad1a1aa093c5a9d17040c8efd5650a99640b5 937 fucker2 media18 s0iw aspackv2 evasion infostealer loader rat spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

2d63a14e4ab37be8d0eee3d87959e3a0ef972d07411c136ecf2f1ac4191a701a.exe

Resource

win7-en-20211104

redline smokeloader socelars ani she aspackv2 backdoor infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

2d63a14e4ab37be8d0eee3d87959e3a0ef972d07411c136ecf2f1ac4191a701a.exe

Resource

win10-en-20211014

redline smokeloader socelars vidar xloader 937 ani she s0iw aspackv2 backdoor evasion infostealer loader rat spyware stealer themida trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe

Resource

win7-en-20211104

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

364d3b0e9456ecff4518f48695df817af1fdcd76c1f9644a35cfe5ec621e5ffa.exe

Resource

win7-en-20211104

redline smokeloader socelars vidar 916 aspackv2 backdoor infostealer stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

364d3b0e9456ecff4518f48695df817af1fdcd76c1f9644a35cfe5ec621e5ffa.exe

Resource

win10-en-20211014

redline smokeloader socelars vidar 916 ani she aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

3a4e2dfbd7943c7200d7c5ea70c2b0117408d3c1ac3cac7b757d8e05dcc9ff00.exe

Resource

win7-en-20211104

redline smokeloader media13 she aspackv2 backdoor evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

3a4e2dfbd7943c7200d7c5ea70c2b0117408d3c1ac3cac7b757d8e05dcc9ff00.exe

Resource

win10-en-20211014

redline smokeloader she aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

4a4a606501eea3b8b9e128412455243ca20de0efe374c9c47ff3b5caac457375.exe

Resource

win7-en-20211104

redline smokeloader socelars 05.10 backdoor evasion infostealer spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

4a4a606501eea3b8b9e128412455243ca20de0efe374c9c47ff3b5caac457375.exe

Resource

win10-en-20211104

arkei redline smokeloader socelars vidar xloader 05.10 s0iw backdoor evasion infostealer loader rat spyware stealer themida trojan vmprotect

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

4d89b007686d09c5143127f408435b76d2ea36991b728985ac47dcf797e6e7c0.exe

Resource

win7-en-20211014

socelars aspackv2 spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

4d89b007686d09c5143127f408435b76d2ea36991b728985ac47dcf797e6e7c0.exe

Resource

win10-en-20211104

redline smokeloader socelars vidar 916 ani aspackv2 backdoor evasion infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
Size

8KB
MD5

af6e236e2635e451927e7e99f159709a
SHA1

ff5a827131c817a3bf95bb8b798b272101428618
SHA256

30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51
SHA512

4b4fd1668211f7193c0b41bb014015f9502b2b75cb0237500c4754e3925d16f719e5154b5fe3cc328d867cfd3cd480802d6150140a48ba5a6ca407100b4b08e6

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1340	30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe

Processes

C:\Users\Admin\AppData\Local\Temp\30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
"C:\Users\Admin\AppData\Local\Temp\30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1340-118-0x0000000000DC0000-0x0000000000DC1000-memory.dmp

Filesize
4KB

Download
memory/1340-120-0x000000001B9A0000-0x000000001B9A2000-memory.dmp

Filesize
8KB

Download