Analysis
-
max time kernel
90s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
02/02/2023, 17:37
General
-
Target
Install League of Legends la1.exe
-
Size
66.7MB
-
MD5
0dd7ec74b79bdc528d9ebda5f5d58caa
-
SHA1
347eb25abb87736a5fb78ef35ccc3f0fb1c964d3
-
SHA256
d2608eeb19b96c352fb829d56d873da29025fb66b0f219336b6b3b7a4eb8cb42
-
SHA512
8804254a2d2bdd9b72e08fc38566e3f9b69034b76b86509d35bf7913a864b61664af3a8725c3ddbc8728210719ebf46b7e2c92033a0aae7fb38f9af5680b9355
-
SSDEEP
1572864:TnRkz7Sp8K0UNl/Ywrt9E7lzPF5KBBhDIVIbjUp1xD:Gqp8KnAtqBBhDIVNj
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Install League of Legends la1.exe"C:\Users\Admin\AppData\Local\Temp\Install League of Legends la1.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Install League of Legends la1.exe"C:\Users\Admin\AppData\Local\Temp\Install League of Legends la1.exe" --agent --riotclient-app-port=49742 --riotclient-auth-token=1ViT5rOBU3_BwcqeqthF1g --app-root=C:/Users/Admin/AppData/Local/Temp "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install League of Legends la1/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install League of Legends la1/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install League of Legends la1" --session-id=61ba19d6-ede5-454f-8dc4-817fa11f41102⤵
- Suspicious use of AdjustPrivilegeToken
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
39B
MD598942c8ccda20ba012bc7244f7a5bb76
SHA1fee66bdc5fcb2b3544bebc784c0980ba0dd6b0fa
SHA25676827ca1cc0e1e6a54e453c821ea9183bd5801d53da590297b34b6183902af06
SHA5128957a4df3e7c489788b4cf61bdf7601c0facfcfd74a8af52bb4274d600894d6686238d5602286a56f9588de90f260c7f5d70f59d2f3974d09f91d1c345a7cc10