Overview

overview

8

Static

static

3

spotidown-....0.zip

windows7-x64

1

spotidown-....0.zip

windows10-2004-x64

1

Assets/Error.png

windows7-x64

3

Assets/Error.png

windows10-2004-x64

3

Assets/NoImage.png

windows7-x64

3

Assets/NoImage.png

windows10-2004-x64

3

Assets/discord.png

windows7-x64

3

Assets/discord.png

windows10-2004-x64

3

Assets/github.png

windows7-x64

3

Assets/github.png

windows10-2004-x64

3

Assets/icon.png

windows7-x64

3

Assets/icon.png

windows10-2004-x64

3

Assets/share.png

windows7-x64

3

Assets/share.png

windows10-2004-x64

3

Assets/youtube.png

windows7-x64

3

Assets/youtube.png

windows10-2004-x64

3

Microsoft....ap.dll

windows7-x64

1

Microsoft....ap.dll

windows10-2004-x64

3

SpotiDown.exe

windows7-x64

1

SpotiDown.exe

windows10-2004-x64

8

SpotiDown.pdb

windows7-x64

3

SpotiDown.pdb

windows10-2004-x64

3

ico.ico

windows7-x64

3

ico.ico

windows10-2004-x64

3

resources.pri

windows7-x64

3

resources.pri

windows10-2004-x64

3

Analysis

  • max time kernel
    36s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2023, 21:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    spotidown-windows-2.0.zip

  • Size

    15.2MB

  • MD5

    1228f0f86d3cf86e13f91fbec1364c98

  • SHA1

    b60145f19a062dd080c1913ca34c1b6ab0d19bc5

  • SHA256

    4d9865f0117af795c636fa4ba7ade727711e212536825881fb1deb520357befd

  • SHA512

    be07a6a0cc2683701378d85f353b2b1b9b61e3d18e1eb1e34d359cd71d957cd3a702bc6bd24df33d88f6279d40db319c95e7e24a87da6c1472e399cb3e3e7ba3

  • SSDEEP

    393216:MZPfYK3kDoR0N2aEaw6/Lwik58RiZlI+oEw3zu3TyI9UsPE6BqFZ:M9fYK3kDk04aEBZinoPISw3zu3TNfccq

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\spotidown-windows-2.0.zip
    1⤵
      PID:1584
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:332
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x584
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1804

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads