ce824d6210e678b8df7985f6b81e09e18835b3b316f7df2e6e08fb17a48dd833

Analysis

max time kernel
38s
max time network
62s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
18-12-2022 13:36

Target

moonspoofer-main/moonspoofer/bin/Release/MoonSpoofer.exe
Size

366KB
MD5

05a818e32cabf2959b6a163b3f24cdf4
SHA1

4ce4103680a0a654bc24be1a561292656fe59005
SHA256

01bfe4c5b557c60274cc43624b637c52f20584d8e4aa24d780e547c4b2ba1059
SHA512

8ff7351e2b0f67662e687466a4bff6661a89858b66b8975b535d942175ce48ce7c9bf7ee007d02d3d4c6fb6011661c1a5d95ceb7afa89e277f1675674333be1d
SSDEEP

6144:hXnxbPLaA9v7xpKpLo/3Ew/uo27pUogiDsZAEw/uo2uEw/uo2uEw/uo23ja:RWs0K527lsZK52hK52hK52Ta

Score

1^/10

Delays execution with timeout.exe 1 IoCs

evasion

pid	Process
384	timeout.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4940	MoonSpoofer.exe

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 4940 wrote to memory of 240	4940	MoonSpoofer.exe	85
PID 4940 wrote to memory of 240	4940	MoonSpoofer.exe	85
PID 4940 wrote to memory of 240	4940	MoonSpoofer.exe	85
PID 240 wrote to memory of 4560	240	cmd.exe	87
PID 240 wrote to memory of 4560	240	cmd.exe	87
PID 240 wrote to memory of 4560	240	cmd.exe	87
PID 4560 wrote to memory of 384	4560	cmd.exe	90
PID 4560 wrote to memory of 384	4560	cmd.exe	90
PID 4560 wrote to memory of 384	4560	cmd.exe	90

memory/4940-132-0x00000000003E0000-0x0000000000440000-memory.dmp

Filesize
384KB

Download
memory/4940-133-0x0000000005300000-0x00000000058A4000-memory.dmp

Filesize
5.6MB

Download
memory/4940-134-0x0000000004DF0000-0x0000000004E82000-memory.dmp

Filesize
584KB

Download
memory/4940-135-0x0000000004F90000-0x0000000004F9A000-memory.dmp

Filesize
40KB

Download
memory/4940-136-0x00000000058B0000-0x00000000059FE000-memory.dmp

Filesize
1.3MB

Download
memory/4940-137-0x0000000005F30000-0x00000000062F0000-memory.dmp

Filesize
3.8MB

Download
memory/4940-138-0x00000000093A0000-0x00000000093B2000-memory.dmp

Filesize
72KB

Download