Overview

overview

10

Static

static

10

IDA Pro 7....28.cfg

windows7-x64

3

IDA Pro 7....28.cfg

windows10-2004-x64

3

IDA Pro 7....da.dll

windows7-x64

1

IDA Pro 7....da.dll

windows10-2004-x64

1

IDA Pro 7....da.exe

windows7-x64

1

IDA Pro 7....da.exe

windows10-2004-x64

1

IDA Pro 7....ida.js

windows7-x64

1

IDA Pro 7....ida.js

windows10-2004-x64

1

IDA Pro 7....db.dll

windows7-x64

1

IDA Pro 7....db.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....er.dll

windows7-x64

1

IDA Pro 7....er.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....er.dll

windows7-x64

1

IDA Pro 7....er.dll

windows10-2004-x64

1

IDA Pro 7....gs.dll

windows7-x64

1

IDA Pro 7....gs.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....le.dll

windows7-x64

1

IDA Pro 7....le.dll

windows10-2004-x64

1

IDA Pro 7....rt.dll

windows7-x64

1

IDA Pro 7....rt.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....ds.dll

windows7-x64

1

IDA Pro 7....ds.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    573s
  • max time network
    572s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 20:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IDA Pro 7.7.220118 (Windows) (x86_x64_ARM64)/plugins/pdb64.dll

  • Size

    423KB

  • MD5

    abbfc5178c4c4383ba479f515038ac69

  • SHA1

    df78bdc11b6e6afe9e1c1582ce5af0383d0f5bc5

  • SHA256

    d659e64e93d172aa0507e2c4c3b6ebfe225be2b97a61161bdf443e30151b2d6f

  • SHA512

    240a8c5a31269314e0df1238d13f9937e5eebe5e2fbac692953be77e46835a074beff7685042cbf958055621c9d1c2a99bb772eec37f9c888b773e03e340b301

  • SSDEEP

    6144:RKKbHLfiUpYw6vqDzalHjQMe+kTIfRS4dx82hHN+G2H8yer:RvLfikTJirk6I4d1U8y

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\IDA Pro 7.7.220118 (Windows) (x86_x64_ARM64)\plugins\pdb64.dll",#1
    1⤵
      PID:2748
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4444
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1108

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        5b4bd931c64d9dc0ebd2d9ba4eb8d00c

        SHA1

        0c85ac9ad985dfe4206b98f72f96bb83b894a55b

        SHA256

        89c59acf0cea5ed5563c324115b3cac0c7ae42a01bd6bf4345cbff87f9f7140d

        SHA512

        8ada3c396aebae1591ccf682f86ec18fa5cba979df7185a9f5e05be9f1d4587f5f03c5545a76b3bfde0076645e18107f3580b3e187e0a91220dad125e668c324

        Download Submit

      • memory/1108-40-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-33-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-42-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-34-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-35-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-36-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-37-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-38-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-43-0x000001BD8AD60000-0x000001BD8AD61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-0-0x000001BD82A40000-0x000001BD82A50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1108-68-0x000001BD8AFB0000-0x000001BD8AFB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-32-0x000001BD8C110000-0x000001BD8C111000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-39-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-44-0x000001BD8AD50000-0x000001BD8AD51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-46-0x000001BD8AD60000-0x000001BD8AD61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-49-0x000001BD8AD50000-0x000001BD8AD51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-52-0x000001BD8AC90000-0x000001BD8AC91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-16-0x000001BD82B40000-0x000001BD82B50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1108-64-0x000001BD8AE90000-0x000001BD8AE91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-66-0x000001BD8AEA0000-0x000001BD8AEA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-67-0x000001BD8AEA0000-0x000001BD8AEA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1108-41-0x000001BD8C140000-0x000001BD8C141000-memory.dmp

        Filesize

        4KB

        Download