Overview

overview

3

Static

static

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...up.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

3

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...er.exe

windows10-2004-x64

1

moonspoofe...up.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    52s
  • max time network
    65s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-12-2022 13:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    moonspoofer-main/moonspoofer/publikuj/Application Files/UranSpoofer_1_0_0_17/Confused/UranSpoofer.exe

  • Size

    4.2MB

  • MD5

    c6cdd538f1188ccb3b896321e5c05484

  • SHA1

    9f734e5549880f4a2f62017caa9273a40e248914

  • SHA256

    7089e9e3275f362c86a326b1c2b0d78b76936b6b64e83b26d38a7709eb595917

  • SHA512

    48a0e1eb930d0f2fb78aa5f36891a942f5ce54736ab8fdb34ef937c089039a2538469707b09a6a4c946b78c3a9674d7712cc6d942529cdd7b59c5597f4bf6a0c

  • SSDEEP

    98304:y+UAgd9nKTUP0sCDqQbgOktRaykSH58EAlSEJePDbHkvsH+6:y7jd9n3PAFgOM55AebbEvV6

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\moonspoofer-main\moonspoofer\publikuj\Application Files\UranSpoofer_1_0_0_17\Confused\UranSpoofer.exe
    "C:\Users\Admin\AppData\Local\Temp\moonspoofer-main\moonspoofer\publikuj\Application Files\UranSpoofer_1_0_0_17\Confused\UranSpoofer.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4092-132-0x0000000000930000-0x0000000000D6E000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/4092-133-0x0000000005C10000-0x00000000061B4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4092-134-0x0000000005880000-0x0000000005912000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4092-135-0x0000000005800000-0x0000000005812000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4092-136-0x0000000005A10000-0x0000000005A1A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4092-137-0x00000000061C0000-0x000000000630E000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/4092-138-0x0000000006960000-0x0000000006D20000-memory.dmp

    Filesize

    3.8MB

    Download