30073aefd049bef5c552297b13ff2c606da0d3a3863177816a5644a2f397f0f8

Resubmissions

22/05/2023, 07:52

22/05/2023, 07:48

max time kernel
135s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
22/05/2023, 07:48

Target

EpicLauncher GameLocator.exe
Size

544KB
MD5

bb6365c148588cf6e6e6f7cbc6d284af
SHA1

3005228d79aaf5874a96ba8560bdf49ad416f445
SHA256

de7673e239ab7c33440f38ead3dad5dc0f474962556e106d0b80c8f9e1e68312
SHA512

8fef664146ce6e0f6c4cd54e5ee0c5fe1392bc74ed1bdb578809b466b612425e88e478d2616ce71a773bd7c233c8a475c9e4750a6c2428bb00283f76130af9e7
SSDEEP

1536:qr5UKyNGu2xzzKVTvzdj/OF2CShu2xzzKVTvzdj/OF2CT:Wm92pzAh2Nl2pzAh2NT

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4284	EpicLauncher GameLocator.exe
4284	EpicLauncher GameLocator.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4284	EpicLauncher GameLocator.exe

memory/4284-133-0x0000000000940000-0x00000000009CE000-memory.dmp

Filesize
568KB

Download
memory/4284-134-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download
memory/4284-135-0x0000000005560000-0x000000000556A000-memory.dmp

Filesize
40KB

Download
memory/4284-136-0x0000000005950000-0x000000000596A000-memory.dmp

Filesize
104KB

Download
memory/4284-137-0x0000000005F10000-0x0000000005F18000-memory.dmp

Filesize
32KB

Download
memory/4284-138-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download
memory/4284-139-0x0000000008720000-0x0000000008758000-memory.dmp

Filesize
224KB

Download
memory/4284-140-0x0000000008000000-0x000000000800E000-memory.dmp

Filesize
56KB

Download
memory/4284-141-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download
memory/4284-142-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download