8b3a67f605c4b872016e8738f41bbb9c48872584b23d4378a252687a771220a5

Analysis

max time kernel
150s
max time network
106s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
27/04/2023, 21:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

God of War v1.0-v1.0.2 Plus 15 Trainer.exe
Size

1.4MB
MD5

9faacd1a138c7b8835ef20c59ac21108
SHA1

9d2273ffa0a4feca417aa77745b1c31931d67973
SHA256

4ec7dfe3818d650ed9adc12dc8127adb656bfcb42b779b7a4536502f291ce175
SHA512

14b0e1ad0a9db3f455723215b7467275c944370d18cce691706f8c368fcf806d7d3741af74c383334746239bf8cd7d58ae42c732a59dbb4aac2347c90c4c089a
SSDEEP

24576:bQdnyqwGxVsxD9m02dT4hqJDDfyNYpXDSv5bJ7:WeGHsxxmNEhq9qNYp+V7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe
1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1052	God of War v1.0-v1.0.2 Plus 15 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\God of War v1.0-v1.0.2 Plus 15 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\God of War v1.0-v1.0.2 Plus 15 Trainer.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\FLiNGTrainer\TrainerSettings.ini

Filesize
29B

MD5
100ad43a6e39d44013fad7f3aa343e3b

SHA1
dc8050bdee8a74354cb4a2057e4e703e7a460943

SHA256
a7b15ee77dd0db946e7fdbf574889bd30c23fa3d7bff6d509df118595ee14ec5

SHA512
20f9b26416804f917d0642d35de32ccae0849c34bff4eb75c6450b1ee83756f3275850101d7482eb59c78356b1489c2d4db6cd95ae9b72b64d5eeab700d36ba8

Download Submit
memory/1052-54-0x0000000001D20000-0x0000000001D5E000-memory.dmp

Filesize
248KB

Download
memory/1052-56-0x000000001AEF0000-0x000000001AF70000-memory.dmp

Filesize
512KB

Download
memory/1052-55-0x000000001AEF0000-0x000000001AF70000-memory.dmp

Filesize
512KB

Download
memory/1052-57-0x000000001AEF0000-0x000000001AF70000-memory.dmp

Filesize
512KB

Download
memory/1052-61-0x000000001AEF0000-0x000000001AF70000-memory.dmp

Filesize
512KB

Download
memory/1052-82-0x000000001AEF0000-0x000000001AF70000-memory.dmp

Filesize
512KB

Download