3de5f8732ba0959ba80909ca24344d6a58cded1792210b146c9d416c524b5371

Analysis

max time kernel
144s
max time network
168s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
25-11-2022 22:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Keygen.exe
Size

2.3MB
MD5

04798a0dde80c2064f5466301e701fc2
SHA1

fe4dc773c04d58eef623324bf503b3cf2afcc5e0
SHA256

b66ce5aa238a4ce12fbc6315b1306b788d64ee57d7805e055ef3661bff847a0e
SHA512

ff35340c5f32c882d8b6710e47c80cdcbc31f9d7caf3f466d848873b71bb437d17dedeedde2c90b67c9815d8947db15bdba39f591354583b77df8bbaab1be064
SSDEEP

49152:8kTgiNPgVxquveP3eBzV43TGgnR4hEGSOYvyqOZVWHO1et1jEResgJB25t:8p4PgVxqRPZygngy/vdOaHO1MDsgJBSt

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 5 IoCs

pid	Process
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe

Suspicious behavior: EnumeratesProcesses 34 IoCs

pid	Process
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe
2732	Keygen.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2732	Keygen.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2732	Keygen.exe

C:\Users\Admin\AppData\Local\Temp\Keygen.exe
"C:\Users\Admin\AppData\Local\Temp\Keygen.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\SkinSoft\VisualStyler\2.3.3.3\x86\ssapihook.dll

Filesize
57KB

MD5
d7f644c06b4cde60651d02aed6b4174d

SHA1
ae1c05821dcccb3280c7a9cbf4ce8d00d1eb680f

SHA256
a99ea2f5759b34859b484afa3a58ce82a7f3bf792886a6c838db852d517d9c0d

SHA512
db0b5dfb1b99fba61c8d9b883813747b37485fd5acc3091c5a5d5fcf0e3f2bd9b091a8bcb4f200a1fdeea00e2e62a9573b2d653bd6f8878ba321fefdfec2f384

Download Submit
C:\Users\Admin\AppData\Local\Temp\SkinSoft.VisualStyler.dll

Filesize
949KB

MD5
05c58268b4d54d419522124e6646c3db

SHA1
a96faaa33980ba9daa63aba282e75df6ef8d43b2

SHA256
a5ad9a34e1721a4086d2b6f1a1aa9da108a3fb6bb4e3ad5c26a495a5b7b41ba2

SHA512
382a2ebabbc0d77005749d310c2a10fde869b821e7196336532aa782c80c2c590d913d8021eb7e059dc695bc37e5670a7aa0843b9c1c4a75a390a958406cab65

Download Submit
C:\Users\Admin\AppData\Local\Temp\SkinSoft.VisualStyler.dll

Filesize
949KB

MD5
05c58268b4d54d419522124e6646c3db

SHA1
a96faaa33980ba9daa63aba282e75df6ef8d43b2

SHA256
a5ad9a34e1721a4086d2b6f1a1aa9da108a3fb6bb4e3ad5c26a495a5b7b41ba2

SHA512
382a2ebabbc0d77005749d310c2a10fde869b821e7196336532aa782c80c2c590d913d8021eb7e059dc695bc37e5670a7aa0843b9c1c4a75a390a958406cab65

Download Submit
C:\Users\Admin\AppData\Local\Temp\SkinSoft.VisualStyler.dll

Filesize
949KB

MD5
05c58268b4d54d419522124e6646c3db

SHA1
a96faaa33980ba9daa63aba282e75df6ef8d43b2

SHA256
a5ad9a34e1721a4086d2b6f1a1aa9da108a3fb6bb4e3ad5c26a495a5b7b41ba2

SHA512
382a2ebabbc0d77005749d310c2a10fde869b821e7196336532aa782c80c2c590d913d8021eb7e059dc695bc37e5670a7aa0843b9c1c4a75a390a958406cab65

Download Submit
C:\Users\Admin\AppData\Local\Temp\SkinSoft.VisualStyler.dll

Filesize
949KB

MD5
05c58268b4d54d419522124e6646c3db

SHA1
a96faaa33980ba9daa63aba282e75df6ef8d43b2

SHA256
a5ad9a34e1721a4086d2b6f1a1aa9da108a3fb6bb4e3ad5c26a495a5b7b41ba2

SHA512
382a2ebabbc0d77005749d310c2a10fde869b821e7196336532aa782c80c2c590d913d8021eb7e059dc695bc37e5670a7aa0843b9c1c4a75a390a958406cab65

Download Submit
memory/2732-163-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-193-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-137-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-138-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-136-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-139-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-140-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-141-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-142-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-143-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-166-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-145-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-146-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-147-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-148-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-149-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-150-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-151-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-153-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-152-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-154-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-155-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-156-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-157-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-159-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-158-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-161-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-160-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-162-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-132-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-196-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-135-0x0000000074A00000-0x0000000074FB1000-memory.dmp

Filesize
5.7MB

Download
memory/2732-144-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-167-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-168-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-169-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-170-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-171-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-172-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-173-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-174-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-175-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-176-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-178-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-177-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-179-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-180-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-181-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-182-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-183-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-184-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-185-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-186-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-187-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-188-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-189-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-190-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-191-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-192-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-165-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-194-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-164-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-195-0x0000000000EA0000-0x00000000010C6000-memory.dmp

Filesize
2.1MB

Download
memory/2732-280-0x0000000074A00000-0x0000000074FB1000-memory.dmp

Filesize
5.7MB

Download