f3e628509e4a0d538502ee3f71b3091f4dd2375370d7c1ef4f23b632b579d1b2

Analysis

max time kernel
158s
max time network
171s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
07/10/2023, 16:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PC_FridayNightFappin/FridayNightFappin.exe
Size

625KB
MD5

ef11a2e42b6a07768ea8a43f74ca74c7
SHA1

b7b4812531813a93a2e5c47ec8d622758d15d6d8
SHA256

690cfc5c91668a4b9790f5eab4c95b9a750a1eae993b3f357b4b1459df317a59
SHA512

132b9f81c3d55bc0e72be9f23f3543e8032ff6658432d2348e175a6956b0aaa757b1482dc7bb68c763448520da00fec65b22941464a2822fc4538ae5fbf5d525
SSDEEP

6144:kVls9uudIBfCol2Yg3r8HhZQPwq1fS+4pwLNtFCP:g+xefCoTKg/Zq9b4pYNtUP

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3592	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3592	AUDIODG.EXE

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1028	FridayNightFappin.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1028 wrote to memory of 3988	1028	FridayNightFappin.exe	86
PID 1028 wrote to memory of 3988	1028	FridayNightFappin.exe	86
PID 1028 wrote to memory of 3988	1028	FridayNightFappin.exe	86

C:\Users\Admin\AppData\Local\Temp\PC_FridayNightFappin\FridayNightFappin.exe
"C:\Users\Admin\AppData\Local\Temp\PC_FridayNightFappin\FridayNightFappin.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1028
- C:\Users\Admin\AppData\Local\Temp\PC_FridayNightFappin\UnityCrashHandler32.exe
  "C:\Users\Admin\AppData\Local\Temp\PC_FridayNightFappin\UnityCrashHandler32.exe" --attach 1028 51449856
  2⤵
  PID:3988

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x310
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\nsfwclubgames\FridayNightFappin\SaveFile.es3

Filesize
84B

MD5
25b251afaf3523867a0b67ddc5248a27

SHA1
6e74a76a882758df6f32cbde8a1af8ecefdcff99

SHA256
ae8a1e78cbd59d48396818b10f0ef6620893ce2227331cd98b511337a170d556

SHA512
dcc5e3180cc241a5471ea11b14764d13aa29d8c7ddcf9dcf5acbee0911e1c431eeebfaa7e6915afcbc9005cac8ea1b2546bbbf10c119ae1eff75f474a8635379

Download Submit
memory/1028-16-0x000000000EE90000-0x000000000EEA0000-memory.dmp

Filesize
64KB

Download
memory/1028-18-0x000000000EEA0000-0x000000000EEB0000-memory.dmp

Filesize
64KB

Download
memory/1028-3-0x000000000E370000-0x000000000E380000-memory.dmp

Filesize
64KB

Download
memory/1028-4-0x0000000003190000-0x00000000031A0000-memory.dmp

Filesize
64KB

Download
memory/1028-5-0x0000000003180000-0x0000000003190000-memory.dmp

Filesize
64KB

Download
memory/1028-6-0x000000000EE80000-0x000000000EE90000-memory.dmp

Filesize
64KB

Download
memory/1028-7-0x000000000EE90000-0x000000000EEA0000-memory.dmp

Filesize
64KB

Download
memory/1028-8-0x000000000EEA0000-0x000000000EEB0000-memory.dmp

Filesize
64KB

Download
memory/1028-17-0x000000000EEB0000-0x000000000EEC0000-memory.dmp

Filesize
64KB

Download
memory/1028-11-0x000000000BC40000-0x000000000BC50000-memory.dmp

Filesize
64KB

Download
memory/1028-10-0x000000000F000000-0x000000000F020000-memory.dmp

Filesize
128KB

Download
memory/1028-12-0x000000000F020000-0x000000000F030000-memory.dmp

Filesize
64KB

Download
memory/1028-13-0x000000000E370000-0x000000000E380000-memory.dmp

Filesize
64KB

Download
memory/1028-14-0x0000000019D60000-0x0000000019D70000-memory.dmp

Filesize
64KB

Download
memory/1028-2-0x000000000BC40000-0x000000000BC50000-memory.dmp

Filesize
64KB

Download
memory/1028-15-0x000000000EE80000-0x000000000EE90000-memory.dmp

Filesize
64KB

Download
memory/1028-9-0x000000000EEB0000-0x000000000EEC0000-memory.dmp

Filesize
64KB

Download
memory/1028-0-0x0000000003190000-0x00000000031A0000-memory.dmp

Filesize
64KB

Download
memory/1028-19-0x000000000F000000-0x000000000F020000-memory.dmp

Filesize
128KB

Download
memory/1028-20-0x000000000F020000-0x000000000F030000-memory.dmp

Filesize
64KB

Download
memory/1028-21-0x0000000019D60000-0x0000000019D70000-memory.dmp

Filesize
64KB

Download
memory/1028-22-0x0000000019EB0000-0x0000000019EC0000-memory.dmp

Filesize
64KB

Download
memory/1028-23-0x0000000019ED0000-0x0000000019EE0000-memory.dmp

Filesize
64KB

Download
memory/1028-26-0x0000000019EE0000-0x0000000019EF0000-memory.dmp

Filesize
64KB

Download
memory/1028-33-0x000000000E490000-0x000000000E4A0000-memory.dmp

Filesize
64KB

Download
memory/1028-1-0x0000000003180000-0x0000000003190000-memory.dmp

Filesize
64KB

Download
memory/1028-39-0x000000000E530000-0x000000000E540000-memory.dmp

Filesize
64KB

Download
memory/1028-41-0x0000000019EB0000-0x0000000019EC0000-memory.dmp

Filesize
64KB

Download
memory/1028-42-0x0000000019ED0000-0x0000000019EE0000-memory.dmp

Filesize
64KB

Download
memory/1028-43-0x0000000019EE0000-0x0000000019EF0000-memory.dmp

Filesize
64KB

Download
memory/1028-44-0x000000000E490000-0x000000000E4A0000-memory.dmp

Filesize
64KB

Download
memory/1028-45-0x000000000E530000-0x000000000E540000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads