Overview

overview

3

Static

static

3

MonoBleedi...tor.js

windows10-2004-x64

1

MonoBleedi...tor.js

windows10-2004-x64

1

UnityCrash...64.exe

windows10-2004-x64

1

UnityPlayer.dll

windows10-2004-x64

1

my eyes deceive.exe

windows10-2004-x64

1

my eyes de...ss.dll

windows10-2004-x64

1

my eyes de...rp.dll

windows10-2004-x64

1

my eyes de...ty.dll

windows10-2004-x64

1

my eyes de...on.dll

windows10-2004-x64

1

my eyes de...on.dll

windows10-2004-x64

1

my eyes de...re.dll

windows10-2004-x64

1

my eyes de...ta.dll

windows10-2004-x64

1

my eyes de...ce.dll

windows10-2004-x64

1

my eyes de...ng.dll

windows10-2004-x64

1

my eyes de...es.dll

windows10-2004-x64

1

my eyes de...ns.dll

windows10-2004-x64

1

my eyes de...em.dll

windows10-2004-x64

1

my eyes de...on.dll

windows10-2004-x64

1

my eyes de...tp.dll

windows10-2004-x64

1

my eyes de...cs.dll

windows10-2004-x64

1

my eyes de...ml.dll

windows10-2004-x64

1

my eyes de...on.dll

windows10-2004-x64

1

my eyes de...ls.dll

windows10-2004-x64

1

my eyes de...ns.dll

windows10-2004-x64

1

my eyes de...nq.dll

windows10-2004-x64

1

my eyes de...nt.dll

windows10-2004-x64

1

my eyes de...ml.dll

windows10-2004-x64

1

my eyes de...em.dll

windows10-2004-x64

1

my eyes de...me.dll

windows10-2004-x64

1

my eyes de...sg.dll

windows10-2004-x64

1

my eyes de...ee.dll

windows10-2004-x64

1

my eyes de...ri.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/11/2023, 21:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    my eyes deceive_Data/Managed/System.IO.Compression.dll

  • Size

    96KB

  • MD5

    bd03377bb478fe581834bb237b4c6725

  • SHA1

    c3ae3bcd5c8d9af77cc579e1d335f8cf6d2a2415

  • SHA256

    6045d16e65834f67b2604359a137a4b74434293813ccab0d86b34c5f7b1785fa

  • SHA512

    7cd60c00a40e4dcb5b4fbcbd71ed2249d0e2baef48aafd2a72cf95040c653187109b85f96167bb8e550d38b630129dd7df597d104e3284a6ade425c480f25501

  • SSDEEP

    1536:mVYlTkwzl46ORXHNopHEJo5JK1/E9ITZOBLOTX8MHujjHs67b:mVYZH5460XNopgo5JK1s9NCTXFHuXTP

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\my eyes deceive_Data\Managed\System.IO.Compression.dll",#1
    1⤵
      PID:4344
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4884
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1344

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1344-0-0x0000024C64B40000-0x0000024C64B50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1344-16-0x0000024C64C40000-0x0000024C64C50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1344-32-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-33-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-34-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-35-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-36-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-37-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-38-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-39-0x0000024C6D1F0000-0x0000024C6D1F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-40-0x0000024C6D200000-0x0000024C6D201000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-41-0x0000024C6D200000-0x0000024C6D201000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-42-0x0000024C6D200000-0x0000024C6D201000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-43-0x0000024C6CE40000-0x0000024C6CE41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-44-0x0000024C6CE30000-0x0000024C6CE31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-46-0x0000024C6CE40000-0x0000024C6CE41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-49-0x0000024C6CE30000-0x0000024C6CE31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-52-0x0000024C6CD70000-0x0000024C6CD71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-64-0x0000024C6CF70000-0x0000024C6CF71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-66-0x0000024C6CF80000-0x0000024C6CF81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-67-0x0000024C6CF80000-0x0000024C6CF81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1344-68-0x0000024C6D090000-0x0000024C6D091000-memory.dmp

        Filesize

        4KB

        Download