Overview

overview

3

Static

static

3

MPG123Wrapper.exe

windows7-x64

1

MPG123Wrapper.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-11-2023 11:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MPG123Wrapper.exe

  • Size

    32KB

  • MD5

    b4c773d55d4fa46a86c14344299e2ed9

  • SHA1

    72c62bf289c206f9805ca3b26f9683a9d35181bc

  • SHA256

    983542aad4a124e43fe73ca995af8678341b8e888efcaae5d7bc798ec04bcbf6

  • SHA512

    cea9c8dbb89584ecf01d6aeff561dae474165494b0f731c5efd35905c61614769e5d4e861bea987c46b82ac934a495f38013003e4aed44e484e29d5e0d9988d1

  • SSDEEP

    384:pSQ0emDWxvaFJJ4aWqXY83sIAKPuNYlGFAjCOAh:pR0hKxkWSY6AKPnl7COA

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MPG123Wrapper.exe
    "C:\Users\Admin\AppData\Local\Temp\MPG123Wrapper.exe"
    1⤵
      PID:3420
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4004
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3368

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        d809b68f3d7217c8f439fa6104b39b85

        SHA1

        d340c102a7f113aeb1657366c3c498aef0312203

        SHA256

        cff75640077a7044ce5161376b9e1097493b14c70ea737b1eb13bd70b257e6ee

        SHA512

        b778aab3b2c515704921487b567c7df462ce8e4d193130c4f9dbfd3a5ec344c726f67895022b57e5ffb281771ef541b00bcbef9b8778802c838436a3bafb364d

        Download Submit

      • memory/3368-54-0x0000024179B10000-0x0000024179B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-53-0x0000024179B20000-0x0000024179B21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-45-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-77-0x0000024179C60000-0x0000024179C61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-46-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-74-0x0000024179C50000-0x0000024179C51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-47-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-62-0x0000024179A50000-0x0000024179A51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-59-0x0000024179B10000-0x0000024179B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-10-0x0000024171840000-0x0000024171850000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3368-26-0x0000024171940000-0x0000024171950000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3368-42-0x0000024179ED0000-0x0000024179ED1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-43-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-44-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-78-0x0000024179D70000-0x0000024179D71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-76-0x0000024179C60000-0x0000024179C61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-56-0x0000024179B20000-0x0000024179B21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-48-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-49-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-50-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-51-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3368-52-0x0000024179EF0000-0x0000024179EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3420-2-0x00007FF9BFB50000-0x00007FF9C04F1000-memory.dmp

        Filesize

        9.6MB

        Download

      • memory/3420-0-0x00007FF9BFB50000-0x00007FF9C04F1000-memory.dmp

        Filesize

        9.6MB

        Download

      • memory/3420-7-0x00007FF9BFB50000-0x00007FF9C04F1000-memory.dmp

        Filesize

        9.6MB

        Download

      • memory/3420-9-0x00007FF9BFB50000-0x00007FF9C04F1000-memory.dmp

        Filesize

        9.6MB

        Download

      • memory/3420-8-0x0000000000AE0000-0x0000000000AF0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3420-1-0x0000000000AE0000-0x0000000000AF0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3420-6-0x0000000000AE0000-0x0000000000AF0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3420-5-0x000000001B290000-0x000000001B298000-memory.dmp

        Filesize

        32KB

        Download

      • memory/3420-4-0x000000001BCF0000-0x000000001BD8C000-memory.dmp

        Filesize

        624KB

        Download

      • memory/3420-3-0x000000001B780000-0x000000001BC4E000-memory.dmp

        Filesize

        4.8MB

        Download