Analysis
-
max time kernel
65s -
max time network
73s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
13/03/2023, 06:56
General
-
Target
Install VALORANT.exe
-
Size
66.1MB
-
MD5
00a47672b1cff3347a123103e8412f60
-
SHA1
8f6469c05158ea9c6d304bcc8abedc8639cd2146
-
SHA256
11cb9b34f4e538daa8141c410f722079bd7e70f65a7100cec431a2316ec6afc3
-
SHA512
9c7d98e8bcfb687750ad24f6766ec997a20b995ff68b8d98fe917a6057d7ba638789728292cf90d62823012f88a35a036a13ab3a98e8f008ad35ff4677de2e0d
-
SSDEEP
1572864:HnRkzKSp8K0UNl/Ywrt9E7lzPF5KBBhDIVIbjUp1xDo:SNp8KnAtqBBhDIVNjU
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe" --agent --riotclient-app-port=49748 --riotclient-auth-token=sRXXG7oHw7oRUObJe9zhkw --app-root=C:/Users/Admin/AppData/Local/Temp "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=c6bf31d1-1ee4-fd4a-a47c-09781a1c7d622⤵
- Suspicious use of AdjustPrivilegeToken
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
39B
MD5840377468c99a9b56b76378df9472cc9
SHA1a34e029e1831642fa75f2d3ae7b4e9860538ec2b
SHA2564850da9dac3a585b88a5bf8460b608926c6319fed110acaafcee17f12be3b824
SHA512fd326559a30e14714a7e1fcfb120088c7fee013d131540d217a1323f3b3acbb0b21ac0870f3b37bf9a9eae348c592e44cce659c83565cea1c2e835f5d7003e00