Analysis
-
max time kernel
133s -
max time network
31s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
25-01-2023 10:38
General
-
Target
Fnf multi indev/FunkinMulti.exe
-
Size
15MB
-
MD5
2cf32f14cb000d1af1d0514450f3ff49
-
SHA1
adc575ed46e79dce4c6c47acd7e74d0d0548c2c0
-
SHA256
7bdc77e38f6b46af4b542fba305f96aa8024932eb4a0e5ab73a0a15d0af5b112
-
SHA512
5d12e2b8e0a464e3abe6a7af270b3cb676466dbd4990ae344a89fa408641dbc9ded364bea87692d0ba05856e39b2561b14f74f8116d065da6d06a8d516614524
-
SSDEEP
196608:0tjaaVveZ0plykebSrZeP8Lc2p0ufC1NZ9H:0tjaaVWZ0pUkebSleP8Lc2LCPZB
Score
1/10
Malware Config
Signatures
-
Modifies registry class ⋅ 9 IoCs
-
Suspicious use of AdjustPrivilegeToken ⋅ 4 IoCs
-
Suspicious use of SetWindowsHookEx ⋅ 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Fnf multi indev\FunkinMulti.exePID:940"C:\Users\Admin\AppData\Local\Temp\Fnf multi indev\FunkinMulti.exe"Modifies registry classSuspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEPID:892C:\Windows\system32\AUDIODG.EXE 0xc8Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Replay Monitor
00:00
00:00
Downloads
Loading data