9d35edf837b20069101d555fa9dd60f61cef790614e7f33ab5ac1edf87655545

Analysis

max time kernel
150s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
15-12-2023 12:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
Size

1.6MB
MD5

c0f2c2ee45be74ca6cda10201cd84502
SHA1

92357cf088a14908b7734763f74cd1089fba9f57
SHA256

9d35edf837b20069101d555fa9dd60f61cef790614e7f33ab5ac1edf87655545
SHA512

52a9c4d4829a5173f981622067cf3e32525a81b38937da1e286b3aafbf8809ec81667aa0a75dec0e2fdd0d2668c0be34e3073dfe4bd5275d8e3c9071b14d4dbf
SSDEEP

24576:r0yOdKnqj9MNrOoThmBZTsl3WaPECkDtGQjnEd7DSVXT5X1hn:gSqj9MxOt83J/kwonPXT5X1h

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
Token: SeDebugPrivilege	4308	Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\Monster Hunter World v20200109-v20231017 Plus 67 Trainer.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4308

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:1456

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:2128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2128-27-0x0000023F14640000-0x0000023F1470D000-memory.dmp

Filesize
820KB

Download
memory/4308-8-0x000001C73C470000-0x000001C73C47E000-memory.dmp

Filesize
56KB

Download
memory/4308-21-0x00007FFB2F3C0000-0x00007FFB2FE81000-memory.dmp

Filesize
10.8MB

Download
memory/4308-3-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-4-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-5-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-6-0x000001C73C420000-0x000001C73C428000-memory.dmp

Filesize
32KB

Download
memory/4308-2-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-0-0x000001C71E0F0000-0x000001C71E124000-memory.dmp

Filesize
208KB

Download
memory/4308-7-0x000001C73C4A0000-0x000001C73C4D8000-memory.dmp

Filesize
224KB

Download
memory/4308-22-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-23-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-24-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-25-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-26-0x000001C736C00000-0x000001C736C10000-memory.dmp

Filesize
64KB

Download
memory/4308-1-0x00007FFB2F3C0000-0x00007FFB2FE81000-memory.dmp

Filesize
10.8MB

Download