Overview

overview

3

Static

static

3

Bunifu_UI_v1.5.3.dll

windows7-x64

1

Bunifu_UI_v1.5.3.dll

windows10-2004-x64

1

FortSkinner.exe

windows7-x64

1

FortSkinner.exe

windows10-2004-x64

1

xNet.dll

windows7-x64

1

xNet.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2024, 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FortSkinner.exe

  • Size

    1.1MB

  • MD5

    50df045cdba749672f4385184c8ec609

  • SHA1

    35828018ed49e865d9b41bb6d5a6b38c3a340b58

  • SHA256

    6626623918eb064ba6fb5d3ac9dc215e31fc428b12f2cb87112ad82878f02273

  • SHA512

    e01a6cd599b37fa02be53e62d4c4e1733fd12c97ce5cae247907a09ee9a79aa58af3a2ebdbe6f4922d7b431b815e4ec5be40f3859a6e65cd38c678052c994410

  • SSDEEP

    24576:F9unMP+PSSRWC/R0Q3Y6IuUONUE7AGmHXlnGP/g5VP:XunwSRnY6aONUE6XBGP45

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FortSkinner.exe
    "C:\Users\Admin\AppData\Local\Temp\FortSkinner.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1924-0-0x00000000010D0000-0x00000000011EA000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1924-1-0x0000000074830000-0x0000000074F1E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1924-2-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1924-3-0x0000000004EA0000-0x0000000004EE0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1924-4-0x0000000000580000-0x00000000005C2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/1924-7-0x00000000049A0000-0x00000000049D2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1924-6-0x0000000004EA0000-0x0000000004EE0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1924-5-0x0000000004EA0000-0x0000000004EE0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1924-8-0x0000000074830000-0x0000000074F1E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1924-9-0x0000000004EA0000-0x0000000004EE0000-memory.dmp

    Filesize

    256KB

    Download