Overview

overview

1

Static

static

1

Dusk_v.4.0.1.exe

windows7-x64

1

Dusk_v.4.0.1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    30s
  • max time network
    114s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    09/03/2023, 20:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dusk_v.4.0.1.exe

  • Size

    7.4MB

  • MD5

    c02d11e3b6bc705388b76d1a4e1fe2ab

  • SHA1

    333b393ef634896278ee65cc67c9ca0e95bc402b

  • SHA256

    5e31a80b81c8e9a2e7a56dc937b89ad30b9eefac1a2e8eab562d02c9fe02d761

  • SHA512

    0e6fba71a56c5cf6216183a21063e0130588096b30e0274bc5f74b8dc4599701fc1331c1e28caef9334176c2f5a52184543b978f60cf9b8019ac1fd0dfe6f8cc

  • SSDEEP

    98304:WIjBRnkn3aAZ5y50+AhlS3hjlIZT/mMNNjtwlUw/civJQM3Yy9MFmX//eV4d/:rDwn+WS35lI1/7NNdYJQMI+uEY4d

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Dusk_v.4.0.1.exe
    "C:\Users\Admin\AppData\Local\Temp\Dusk_v.4.0.1.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1428-54-0x0000000000B90000-0x00000000016D2000-memory.dmp

    Filesize

    11.3MB

    Download

  • memory/1428-55-0x0000000009E80000-0x0000000009FF6000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1428-56-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-57-0x0000000000650000-0x0000000000682000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1428-58-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-59-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-60-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-61-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-62-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-63-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1428-64-0x0000000009E40000-0x0000000009E80000-memory.dmp

    Filesize

    256KB

    Download