1e022d3886700317e5c41977de8fd595db5fbb3529164048ed09ee7efdb5711d

Analysis

max time kernel
1390s
max time network
1163s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
11/12/2023, 16:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Fluxus V7.exe
Size

3.9MB
MD5

b4f9cbca656fd34c4dbb1d706a7f1ad3
SHA1

2b95d88a80ccb619b581c420f7435c660cfbb28e
SHA256

1e022d3886700317e5c41977de8fd595db5fbb3529164048ed09ee7efdb5711d
SHA512

5ed86eaf8ae42d9a8f0dca9776e25b3c2232434b32088df7feaa8149886594f1d4b1e37c597597eacebdb4082e0263441a6b78def5eef2ad610a6875c28fe969
SSDEEP

49152:UgLIR9JyCns59qfuce05XlWycazyClY1YH8PnGpv80tbvvqVUcH:UgLIRfyC7egWJa3lY1U82kmvvoUc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4996	Fluxus V7.exe
4996	Fluxus V7.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	4996	Fluxus V7.exe
Token: SeManageVolumePrivilege	4308	svchost.exe

C:\Users\Admin\AppData\Local\Temp\Fluxus V7.exe
"C:\Users\Admin\AppData\Local\Temp\Fluxus V7.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4996

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:4756

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_b01hrcq1.v3y.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
memory/4308-108-0x00000164BE9F0000-0x00000164BE9F1000-memory.dmp

Filesize
4KB

Download
memory/4308-97-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-122-0x00000164C7440000-0x00000164C7441000-memory.dmp

Filesize
4KB

Download
memory/4308-120-0x00000164C7430000-0x00000164C7431000-memory.dmp

Filesize
4KB

Download
memory/4308-56-0x00000164BF040000-0x00000164BF050000-memory.dmp

Filesize
64KB

Download
memory/4308-105-0x00000164C72F0000-0x00000164C72F1000-memory.dmp

Filesize
4KB

Download
memory/4308-102-0x00000164C7300000-0x00000164C7301000-memory.dmp

Filesize
4KB

Download
memory/4308-100-0x00000164C72F0000-0x00000164C72F1000-memory.dmp

Filesize
4KB

Download
memory/4308-99-0x00000164C7300000-0x00000164C7301000-memory.dmp

Filesize
4KB

Download
memory/4308-96-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-123-0x00000164C7440000-0x00000164C7441000-memory.dmp

Filesize
4KB

Download
memory/4308-98-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-124-0x00000164C7550000-0x00000164C7551000-memory.dmp

Filesize
4KB

Download
memory/4308-95-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-94-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-93-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-92-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-91-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-90-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-89-0x00000164C76E0000-0x00000164C76E1000-memory.dmp

Filesize
4KB

Download
memory/4308-88-0x00000164C76B0000-0x00000164C76B1000-memory.dmp

Filesize
4KB

Download
memory/4308-72-0x00000164BF140000-0x00000164BF150000-memory.dmp

Filesize
64KB

Download
memory/4996-24-0x000000000B8E0000-0x000000000B946000-memory.dmp

Filesize
408KB

Download
memory/4996-27-0x000000000C570000-0x000000000C8C4000-memory.dmp

Filesize
3.3MB

Download
memory/4996-42-0x000000000F2E0000-0x000000000F383000-memory.dmp

Filesize
652KB

Download
memory/4996-43-0x000000000F560000-0x000000000F56A000-memory.dmp

Filesize
40KB

Download
memory/4996-44-0x000000000F6D0000-0x000000000F6E1000-memory.dmp

Filesize
68KB

Download
memory/4996-45-0x000000000F700000-0x000000000F70E000-memory.dmp

Filesize
56KB

Download
memory/4996-46-0x000000000F710000-0x000000000F724000-memory.dmp

Filesize
80KB

Download
memory/4996-47-0x000000000F750000-0x000000000F76A000-memory.dmp

Filesize
104KB

Download
memory/4996-48-0x000000000F770000-0x000000000F778000-memory.dmp

Filesize
32KB

Download
memory/4996-49-0x000000000CC50000-0x000000000CC58000-memory.dmp

Filesize
32KB

Download
memory/4996-50-0x0000000074C80000-0x0000000075430000-memory.dmp

Filesize
7.7MB

Download
memory/4996-51-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/4996-53-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/4996-54-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/4996-55-0x00000000FFCF0000-0x00000000FFD00000-memory.dmp

Filesize
64KB

Download
memory/4996-31-0x00000000FFCF0000-0x00000000FFD00000-memory.dmp

Filesize
64KB

Download
memory/4996-30-0x000000000C9C0000-0x000000000CA0C000-memory.dmp

Filesize
304KB

Download
memory/4996-29-0x000000000BE10000-0x000000000BE32000-memory.dmp

Filesize
136KB

Download
memory/4996-28-0x000000000BD70000-0x000000000BDD6000-memory.dmp

Filesize
408KB

Download
memory/4996-41-0x000000000F2C0000-0x000000000F2DE000-memory.dmp

Filesize
120KB

Download
memory/4996-23-0x000000000B0E0000-0x000000000B102000-memory.dmp

Filesize
136KB

Download
memory/4996-25-0x000000000B1E0000-0x000000000B1FE000-memory.dmp

Filesize
120KB

Download
memory/4996-26-0x000000000B950000-0x000000000B99A000-memory.dmp

Filesize
296KB

Download
memory/4996-0-0x0000000074C80000-0x0000000075430000-memory.dmp

Filesize
7.7MB

Download
memory/4996-22-0x000000000B140000-0x000000000B1D6000-memory.dmp

Filesize
600KB

Download
memory/4996-21-0x000000000BEF0000-0x000000000C56A000-memory.dmp

Filesize
6.5MB

Download
memory/4996-20-0x000000000B060000-0x000000000B096000-memory.dmp

Filesize
216KB

Download
memory/4996-19-0x000000000B000000-0x000000000B01A000-memory.dmp

Filesize
104KB

Download
memory/4996-9-0x000000000B240000-0x000000000B868000-memory.dmp

Filesize
6.2MB

Download
memory/4996-6-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/4996-7-0x0000000005D40000-0x0000000005D78000-memory.dmp

Filesize
224KB

Download
memory/4996-8-0x0000000005D10000-0x0000000005D1E000-memory.dmp

Filesize
56KB

Download
memory/4996-5-0x0000000009BC0000-0x0000000009BC8000-memory.dmp

Filesize
32KB

Download
memory/4996-4-0x0000000005150000-0x00000000051E2000-memory.dmp

Filesize
584KB

Download
memory/4996-3-0x0000000005660000-0x0000000005C04000-memory.dmp

Filesize
5.6MB

Download
memory/4996-2-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/4996-1-0x0000000000030000-0x0000000000424000-memory.dmp

Filesize
4.0MB

Download