Overview

overview

3

Static

static

1

Five-Night....3.zip

windows7-x64

1

Five-Night....3.zip

windows10-2004-x64

1

base.apk

android-9-x86

1

base.apk

android-10-x64

1

base.apk

android-11-x64

1

0GJr3U3vU5NtL977

windows7-x64

1

0GJr3U3vU5NtL977

windows10-2004-x64

1

38bggO91n750RahR

windows7-x64

1

38bggO91n750RahR

windows10-2004-x64

1

AjG78Wvri8FppoVD

windows7-x64

1

AjG78Wvri8FppoVD

windows10-2004-x64

1

HXH5EUBoXAE2Cvcw

windows7-x64

1

HXH5EUBoXAE2Cvcw

windows10-2004-x64

1

KCZRmzZoaQN3yvb9

windows7-x64

1

KCZRmzZoaQN3yvb9

windows10-2004-x64

1

MTMo8orhvqS5CNUm

windows7-x64

1

MTMo8orhvqS5CNUm

windows10-2004-x64

1

Mke1F52D8MOnAE6L

windows7-x64

1

Mke1F52D8MOnAE6L

windows10-2004-x64

1

PIdvFDD4Wtyr0mGo

windows7-x64

1

PIdvFDD4Wtyr0mGo

windows10-2004-x64

1

a3e0EaC19HMbDQMm

windows7-x64

1

a3e0EaC19HMbDQMm

windows10-2004-x64

1

kMIDNKxacjT6JIO6

windows7-x64

1

kMIDNKxacjT6JIO6

windows10-2004-x64

1

lVqUDL8fSDGZuf2h

windows7-x64

1

lVqUDL8fSDGZuf2h

windows10-2004-x64

1

icon.png

windows7-x64

3

icon.png

windows10-2004-x64

3

meta.sai_v1.json

windows7-x64

3

meta.sai_v1.json

windows10-2004-x64

3

meta.sai_v2.json

windows7-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/11/2023, 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HXH5EUBoXAE2Cvcw

  • Size

    29KB

  • MD5

    119bf5bf86ed2c95f332fd8f4527d1cc

  • SHA1

    002df13dca8291eda843a9c841be397e70ae2cc0

  • SHA256

    672577d74be1f6e8a42f3b8e1808214e257443f6c6f35b00de842900fbec709b

  • SHA512

    0024b9c908beb5e5b5023cd433e148861c8a809b8fae6585500dff5d432e7b3d0133fe44f31e9faafd45a237c208e974576f531dffd7646178e234a0d9895b33

  • SSDEEP

    768:GKMTv6GbK+wGgEU3SRAD4or2iIw/IuXyKXweM:GKsvJbK+9zUkiPQlreM

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\HXH5EUBoXAE2Cvcw
    1⤵
      PID:4720
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4384
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4848

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        890ad103f44f4d2c5ed7a16e9caea395

        SHA1

        05a53510cf6d19f943ad8150c523e0105a829ced

        SHA256

        c828e970ee6fc1f912a5e64336edd82e354922b4f0e336ed456a0e98bab0f651

        SHA512

        93c2cc970931d6d3ee477c1064176741116be4636acac21f3c8cfa43f272f0d554b062a690d631088ce27346251dc6041d4d040c8b4c7706cde8d34de2d194d5

        Download Submit

      • memory/4848-40-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-42-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-33-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-34-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-35-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-36-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-37-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-38-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-39-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-43-0x0000026A26320000-0x0000026A26321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-32-0x0000026A266D0000-0x0000026A266D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-41-0x0000026A266F0000-0x0000026A266F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-0-0x0000026A1E040000-0x0000026A1E050000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4848-44-0x0000026A26310000-0x0000026A26311000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-46-0x0000026A26320000-0x0000026A26321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-49-0x0000026A26310000-0x0000026A26311000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-52-0x0000026A26250000-0x0000026A26251000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-16-0x0000026A1E140000-0x0000026A1E150000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4848-64-0x0000026A26450000-0x0000026A26451000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-66-0x0000026A26460000-0x0000026A26461000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-67-0x0000026A26460000-0x0000026A26461000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4848-68-0x0000026A26570000-0x0000026A26571000-memory.dmp

        Filesize

        4KB

        Download