Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Manhunt2.exe

windows7-x64

1

Manhunt2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2023, 00:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Manhunt2.exe

  • Size

    3.1MB

  • MD5

    1fc192736e54c23585e82ee8d1057af9

  • SHA1

    9a7053ada233b3aeb2433509dbeba9c45b086cbc

  • SHA256

    f90f02454240d09058d0cc8e975d741652bfbea6e1de9e5e61c0fdbafb685441

  • SHA512

    a243f57ad312b816d1f37312f56d027cbf98db0174522e18bace932828c695ed1b2bfc511b02f7e34bb8707d3078219f84d1f24bfaab1f609368bc2e83f2045d

  • SSDEEP

    24576:n8qvkZUeUAvWT2jmmX1agk90I/nyf63EZOpzx8pViAdQWyY0xq3yugnyePC2lZom:nDkiesT5mTwhmcxY0UGcrWBPlbs94ZA+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Manhunt2.exe
    "C:\Users\Admin\AppData\Local\Temp\Manhunt2.exe"
    1⤵
      PID:2176
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4700
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4140

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        4ddb9f8206ed1e281a5650f33c836443

        SHA1

        8b31e1bbe5a312a29d791f7542896c18def33b7e

        SHA256

        92095c90092fcb5228bcf27bc78cb26b25f6e922a875119fea0998f05207dace

        SHA512

        3c8d32e5f8950c829ff0b290981edb78c76445781479d511e8f8bd6dd5d255777b95f0eff07edd4ba18c3ca4b169147c76892c91f229e5f2011e39aaaf66cf78

        Download Submit

      • memory/2176-133-0x0000000000400000-0x00000000007D9000-memory.dmp

        Filesize

        3.8MB

        Download

      • memory/4140-175-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-176-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-167-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-168-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-169-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-170-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-171-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-172-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-173-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-177-0x0000023F3E060000-0x0000023F3E061000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-166-0x0000023F3E410000-0x0000023F3E411000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-150-0x0000023F35E40000-0x0000023F35E50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4140-174-0x0000023F3E430000-0x0000023F3E431000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-178-0x0000023F3E050000-0x0000023F3E051000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-180-0x0000023F3E060000-0x0000023F3E061000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-183-0x0000023F3E050000-0x0000023F3E051000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-186-0x0000023F3DF90000-0x0000023F3DF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-134-0x0000023F35D40000-0x0000023F35D50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4140-198-0x0000023F3E190000-0x0000023F3E191000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-200-0x0000023F3E1A0000-0x0000023F3E1A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-201-0x0000023F3E1A0000-0x0000023F3E1A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4140-202-0x0000023F3E2B0000-0x0000023F3E2B1000-memory.dmp

        Filesize

        4KB

        Download