Overview

overview

10

Static

static

10

Endermanch...is.exe

windows7-x64

1

Endermanch...is.exe

windows10-2004-x64

Endermanch...ug.exe

windows7-x64

6

Endermanch...ug.exe

windows10-2004-x64

6

Endermanch...ck.exe

windows7-x64

7

Endermanch...ck.exe

windows10-2004-x64

7

Endermanch...om.exe

windows7-x64

1

Endermanch...om.exe

windows10-2004-x64

1

Endermanch...le.exe

windows7-x64

1

Endermanch...le.exe

windows10-2004-x64

1

Endermanch...er.exe

windows7-x64

7

Endermanch...er.exe

windows10-2004-x64

7

Endermanch...er.exe

windows7-x64

7

Endermanch...er.exe

windows10-2004-x64

7

Endermanch...er.exe

windows7-x64

Endermanch...er.exe

windows10-2004-x64

Endermanch...us.exe

windows7-x64

1

Endermanch...us.exe

windows10-2004-x64

1

Endermanch....C.exe

windows7-x64

10

Endermanch....C.exe

windows10-2004-x64

10

Endermanch...rd.exe

windows7-x64

10

Endermanch...rd.exe

windows10-2004-x64

9

Endermanch...a2.exe

windows7-x64

1

Endermanch...a2.exe

windows10-2004-x64

1

Endermanch...19.exe

windows7-x64

7

Endermanch...19.exe

windows10-2004-x64

7

Endermanch...eg.exe

windows7-x64

7

Endermanch...eg.exe

windows10-2004-x64

3

Endermanch...1).exe

windows7-x64

3

Endermanch...1).exe

windows10-2004-x64

3

Endermanch...ld.exe

windows7-x64

3

Endermanch...ld.exe

windows10-2004-x64

3

Resubmissions

10-05-2024 16:25

240510-tw1h5shh47 10

24-08-2023 11:16

230824-nda8msdf8z 10

05-08-2023 22:52

230805-2tn2bsfa82 10

24-07-2023 06:25

230724-g6s6laag35 10

22-07-2023 15:57

230722-tee6wabg5w 10

20-07-2023 23:19

230720-3bb5gsbf5v 10

20-07-2023 23:06

230720-23f23sba63 10

03-02-2021 11:43

210203-6bgge2nfan 10

22-11-2020 06:42

201122-6x1at779dj 10

Analysis

  • max time kernel
    132s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-07-2023 06:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Endermanch@HappyAntivirus.exe

  • Size

    1.9MB

  • MD5

    cb02c0438f3f4ddabce36f8a26b0b961

  • SHA1

    48c4fcb17e93b74030415996c0ec5c57b830ea53

  • SHA256

    64677f7767d6e791341b2eac7b43df90d39d9bdf26d21358578d2d38037e2c32

  • SHA512

    373f91981832cd9a1ff0b8744b43c7574b72971b5b6b19ea1f4665b6c878f7a1c7834ac08b92e0eca299eb4b590bf10f48a0485350a77a5f85fc3d2dd6913db3

  • SSDEEP

    49152:p/VoMTzwF77l0VqmuTefhLTtk31XyXb9:ptoMTzwVmq3ettk31ob9

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Endermanch@HappyAntivirus.exe
    "C:\Users\Admin\AppData\Local\Temp\Endermanch@HappyAntivirus.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:3524
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x4a0 0x498
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3524-134-0x0000000074420000-0x0000000074BD0000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/3524-133-0x00000000006F0000-0x00000000008E2000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/3524-135-0x0000000005250000-0x00000000052EC000-memory.dmp
    Filesize

    624KB

    Download
  • memory/3524-136-0x00000000058B0000-0x0000000005E54000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/3524-137-0x00000000053A0000-0x0000000005432000-memory.dmp
    Filesize

    584KB

    Download
  • memory/3524-138-0x0000000005350000-0x0000000005360000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3524-139-0x0000000005380000-0x000000000538A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3524-140-0x0000000005590000-0x00000000055E6000-memory.dmp
    Filesize

    344KB

    Download
  • memory/3524-141-0x0000000005350000-0x0000000005360000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3524-142-0x0000000074420000-0x0000000074BD0000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/3524-143-0x0000000005350000-0x0000000005360000-memory.dmp
    Filesize

    64KB

    Download
  • memory/3524-144-0x0000000005350000-0x0000000005360000-memory.dmp
    Filesize

    64KB

    Download