Analysis
-
max time kernel
142s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
26-08-2023 15:16
General
-
Target
rust.exe
-
Size
1.4MB
-
MD5
43fc85427519d07c65364a8904212634
-
SHA1
e6fa04721fee9c9d01d6bb7cf6a634baeacc029f
-
SHA256
b15d5d548128b962d1ff341c344d5e993d674d0c174d0ca0d1557bbff0fd0721
-
SHA512
2ed1c887226ff3517771ef48a58497d8e469e9888c2dc57a23690f077de18135855852853e40fa215c65c89aae9942f962a670ae3361d1ff7a4ddebe7ae59646
-
SSDEEP
24576:JX1rXqQx0d6AVQxCmQbkAZg7EmgSv+BnwnhQH7EFmIr1sUQsFO33klkIEKUItS:XraQx0toheugEonwny1pUjuKa
Score
6/10
Malware Config
Signatures
-
Drops desktop.ini file(s) 1 IoCs
-
Modifies registry class 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\rust.exe"C:\Users\Admin\AppData\Local\Temp\rust.exe"1⤵
-
C:\Windows\System32\GameBarPresenceWriter.exe"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer1⤵
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService1⤵
- Drops desktop.ini file(s)
- Modifies registry class
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
190B
MD5b0d27eaec71f1cd73b015f5ceeb15f9d
SHA162264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA25686d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA5127b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c