Analysis
-
max time kernel
92s -
max time network
104s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
28-02-2023 17:29
General
-
Target
Eagle Monitor RAT Reborn/Eagle Monitor RAT Updater.exe
-
Size
1.9MB
-
MD5
eb71722ba5fbb1db282b301669f16dbb
-
SHA1
cdde833057ac088ad6104108bc9063596d75e32e
-
SHA256
774c5336a20dcecb00452ea815bc81a81ec425ccda34cc74bd31e127744eb5ad
-
SHA512
4db001322d9c432ac634b1f7b5b9763a03e0a39da51ede2bf8266ed9e856cb2cd54ffc3b09af91c6788305e9e369fd2dd2f2d4f9ba19d7413835d4dcec107d1e
-
SSDEEP
49152:+F5liZRy5rEAyb/g0/kKWapnjkzn6YlLBEOAEchW+w+W7SCgS:wSF/R/kYu6kFEOAElBh
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Eagle Monitor RAT Reborn\Eagle Monitor RAT Updater.exe"C:\Users\Admin\AppData\Local\Temp\Eagle Monitor RAT Reborn\Eagle Monitor RAT Updater.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1188-133-0x0000000000D60000-0x0000000000F4C000-memory.dmpFilesize
1.9MB
-
memory/1188-134-0x0000000005FE0000-0x0000000006584000-memory.dmpFilesize
5.6MB
-
memory/1188-135-0x00000000058F0000-0x0000000005982000-memory.dmpFilesize
584KB
-
memory/1188-136-0x00000000059B0000-0x00000000059BA000-memory.dmpFilesize
40KB
-
memory/1188-137-0x00000000059D0000-0x00000000059E0000-memory.dmpFilesize
64KB
-
memory/1188-138-0x00000000087F0000-0x0000000008812000-memory.dmpFilesize
136KB
-
memory/1188-139-0x00000000059D0000-0x00000000059E0000-memory.dmpFilesize
64KB