Overview

overview

10

Static

static

10

NoodMaker.exe

windows7-x64

1

NoodMaker.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-11-2023 20:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NoodMaker.exe

  • Size

    1.8MB

  • MD5

    cb131b05dc3e42fad5caeadccbee378b

  • SHA1

    8965d8da52af8379704b09226252e185ae1b0f6f

  • SHA256

    53338d643052bb2082f1370c21a21ff41ee1e6f43b3bd937519d7c9a491aeb13

  • SHA512

    29ea1a20b01f81b1948c43cb2d62bc7045486d66b65705d5acd5e4b2c5a715b95028a880ed0c4e839d875aef2fd411431b600e21077a5621ef3997d954ddf011

  • SSDEEP

    49152:TL2snho42br76d4+SoXEp6FyhCEu4c8IvBaHOgTOa1t2icVsUrG:TXho4Ur76d2oK6FyhCEu4c8ISpt2icaU

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NoodMaker.exe
    "C:\Users\Admin\AppData\Local\Temp\NoodMaker.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4040
  • C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
    1⤵
      PID:4320
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k UnistackSvcGroup
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
      Filesize

      16KB

      MD5

      3f104edae70cbbf5ecaef960f4a16d79

      SHA1

      34a341f68fac86df7ccd60a6c8397112550fb07d

      SHA256

      d64d09ca297c99c845571f5767d99d51681cc456f296cce31e76964f446c6bea

      SHA512

      c4bb3f3fbed2df79a86dfde791446c351fb1550fe376bc975fa3aeb114b08b852800713cc2fce335303b0deef89ec3ce4712aa2d6dc81c6f8e859f5208e33a23

      Download Submit
    • memory/2556-40-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-33-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-42-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-34-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-35-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-36-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-37-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-38-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-43-0x000001EC55E70000-0x000001EC55E71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-0-0x000001EC4DB40000-0x000001EC4DB50000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2556-68-0x000001EC560C0000-0x000001EC560C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-32-0x000001EC56220000-0x000001EC56221000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-39-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-44-0x000001EC55E60000-0x000001EC55E61000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-46-0x000001EC55E70000-0x000001EC55E71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-49-0x000001EC55E60000-0x000001EC55E61000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-52-0x000001EC55DA0000-0x000001EC55DA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-16-0x000001EC4DC40000-0x000001EC4DC50000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2556-64-0x000001EC55FA0000-0x000001EC55FA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-66-0x000001EC55FB0000-0x000001EC55FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-67-0x000001EC55FB0000-0x000001EC55FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2556-41-0x000001EC56240000-0x000001EC56241000-memory.dmp
      Filesize

      4KB

      Download