Analysis

  • max time kernel
    30s
  • max time network
    79s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29/04/2023, 11:24

General

  • Target

    TwitchFollowBotbyKuroCracks/appslocal/e3b0c442/SID8dd4cb65/engine/RemoteExecuteScript.exe

  • Size

    256KB

  • MD5

    380808935225adab0da0ff851308c045

  • SHA1

    52e31532ddf4ccc51fc9a9721d1f6dfbfcd4829a

  • SHA256

    98f085672a8cd1f233a084ae0b61bcb4978ec907d8b647af7cf3ad3eb5cb74e6

  • SHA512

    89b7ca02071f228048151ccad993187b848242b6a36c5667b02aec4354f3439545e8577d0dbb28fbe5f798c96959619223762146de42bd23c2f6e1683d4803af

  • SSDEEP

    6144:HM61NmWpM4Yazu51A2cyItp1fRCXUWTBegT7wGETjMA/MZJl48N6irYHO8X:VNmkM4YazG19c3CEWTIgT7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TwitchFollowBotbyKuroCracks\appslocal\e3b0c442\SID8dd4cb65\engine\RemoteExecuteScript.exe
    "C:\Users\Admin\AppData\Local\Temp\TwitchFollowBotbyKuroCracks\appslocal\e3b0c442\SID8dd4cb65\engine\RemoteExecuteScript.exe"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4124

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/4124-133-0x000000006AFC0000-0x000000006B502000-memory.dmp

          Filesize

          5.3MB