Overview

overview

3

Static

static

1

Five-Night....3.zip

windows7-x64

1

Five-Night....3.zip

windows10-2004-x64

1

base.apk

android-9-x86

1

base.apk

android-10-x64

1

base.apk

android-11-x64

1

0GJr3U3vU5NtL977

windows7-x64

1

0GJr3U3vU5NtL977

windows10-2004-x64

1

38bggO91n750RahR

windows7-x64

1

38bggO91n750RahR

windows10-2004-x64

1

AjG78Wvri8FppoVD

windows7-x64

1

AjG78Wvri8FppoVD

windows10-2004-x64

1

HXH5EUBoXAE2Cvcw

windows7-x64

1

HXH5EUBoXAE2Cvcw

windows10-2004-x64

1

KCZRmzZoaQN3yvb9

windows7-x64

1

KCZRmzZoaQN3yvb9

windows10-2004-x64

1

MTMo8orhvqS5CNUm

windows7-x64

1

MTMo8orhvqS5CNUm

windows10-2004-x64

1

Mke1F52D8MOnAE6L

windows7-x64

1

Mke1F52D8MOnAE6L

windows10-2004-x64

1

PIdvFDD4Wtyr0mGo

windows7-x64

1

PIdvFDD4Wtyr0mGo

windows10-2004-x64

1

a3e0EaC19HMbDQMm

windows7-x64

1

a3e0EaC19HMbDQMm

windows10-2004-x64

1

kMIDNKxacjT6JIO6

windows7-x64

1

kMIDNKxacjT6JIO6

windows10-2004-x64

1

lVqUDL8fSDGZuf2h

windows7-x64

1

lVqUDL8fSDGZuf2h

windows10-2004-x64

1

icon.png

windows7-x64

3

icon.png

windows10-2004-x64

3

meta.sai_v1.json

windows7-x64

3

meta.sai_v1.json

windows10-2004-x64

3

meta.sai_v2.json

windows7-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-11-2023 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    kMIDNKxacjT6JIO6

  • Size

    35KB

  • MD5

    38bc3676ad82aaa1fc535c05967703bc

  • SHA1

    ac10de2229566c1521e2338bdc2a39cd772f3f18

  • SHA256

    89eb6fa733fafa6a042099a9b9356b100a7555c4c84c939cbafef6ddc62126a7

  • SHA512

    97dbf93e5efc528e90fd746c4980cde621a550ee9aa628480673e9d5639db03d2820693b73bed723fa51b2acab848328c8e7418d34eebd41fb83e8dee2aeb745

  • SSDEEP

    768:nMXm2VuBfMawaxYMXQ6634dmEDJyhFeO1JOdwKsW1fEXUiY6PAmwYtLsRE5Oy2:MXTsVCF6mEdjq4Hn1sXJlom/LAy2

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\kMIDNKxacjT6JIO6
    1⤵
      PID:1692
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2564
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2064

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        a83c197e432564f9541628ba3eada283

        SHA1

        586e79d34b70d08edd952b399c6a08995279708f

        SHA256

        34f5b9d93e8dcb5bac17aa110a9a9f1a69c2cf9aa55bd4cef6169e0f93a39a21

        SHA512

        0fdb71e0d3648d7de3384cef490a6f68b83624e265c798fe9a26b1a6b5b9965d493835db43f1c33885bfbbee3a4c1fccf027ef5c935c97a4e6c61709015823ba

        Download Submit

      • memory/2064-40-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-33-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-42-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-34-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-35-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-36-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-37-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-38-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-43-0x000001FB0A690000-0x000001FB0A691000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-0-0x000001FB02350000-0x000001FB02360000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2064-68-0x000001FB0A8E0000-0x000001FB0A8E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-32-0x000001FB0AA40000-0x000001FB0AA41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-39-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-44-0x000001FB0A680000-0x000001FB0A681000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-46-0x000001FB0A690000-0x000001FB0A691000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-49-0x000001FB0A680000-0x000001FB0A681000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-52-0x000001FB0A5C0000-0x000001FB0A5C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-16-0x000001FB02450000-0x000001FB02460000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2064-64-0x000001FB0A7C0000-0x000001FB0A7C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-66-0x000001FB0A7D0000-0x000001FB0A7D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-67-0x000001FB0A7D0000-0x000001FB0A7D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2064-41-0x000001FB0AA60000-0x000001FB0AA61000-memory.dmp

        Filesize

        4KB

        Download