Overview

overview

3

Static

static

3

Bunifu_UI_v1.5.3.dll

windows7-x64

1

Bunifu_UI_v1.5.3.dll

windows10-2004-x64

1

FortSkinner.exe

windows7-x64

1

FortSkinner.exe

windows10-2004-x64

1

xNet.dll

windows7-x64

1

xNet.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/02/2024, 14:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FortSkinner.exe

  • Size

    1.1MB

  • MD5

    50df045cdba749672f4385184c8ec609

  • SHA1

    35828018ed49e865d9b41bb6d5a6b38c3a340b58

  • SHA256

    6626623918eb064ba6fb5d3ac9dc215e31fc428b12f2cb87112ad82878f02273

  • SHA512

    e01a6cd599b37fa02be53e62d4c4e1733fd12c97ce5cae247907a09ee9a79aa58af3a2ebdbe6f4922d7b431b815e4ec5be40f3859a6e65cd38c678052c994410

  • SSDEEP

    24576:F9unMP+PSSRWC/R0Q3Y6IuUONUE7AGmHXlnGP/g5VP:XunwSRnY6aONUE6XBGP45

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FortSkinner.exe
    "C:\Users\Admin\AppData\Local\Temp\FortSkinner.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4592

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4592-0-0x00000000005D0000-0x00000000006EA000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/4592-1-0x0000000074650000-0x0000000074E00000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/4592-2-0x0000000005070000-0x00000000050A8000-memory.dmp

          Filesize

          224KB

          Download

        • memory/4592-3-0x0000000009840000-0x00000000098DC000-memory.dmp

          Filesize

          624KB

          Download

        • memory/4592-4-0x00000000051B0000-0x00000000051C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4592-5-0x0000000009E90000-0x000000000A434000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/4592-6-0x00000000052C0000-0x0000000005352000-memory.dmp

          Filesize

          584KB

          Download

        • memory/4592-7-0x0000000005140000-0x000000000514A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/4592-8-0x0000000005450000-0x00000000054A6000-memory.dmp

          Filesize

          344KB

          Download

        • memory/4592-9-0x0000000005590000-0x00000000055D2000-memory.dmp

          Filesize

          264KB

          Download

        • memory/4592-10-0x00000000051B0000-0x00000000051C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4592-11-0x0000000006610000-0x0000000006642000-memory.dmp

          Filesize

          200KB

          Download

        • memory/4592-12-0x0000000074650000-0x0000000074E00000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/4592-13-0x00000000051B0000-0x00000000051C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4592-14-0x00000000051B0000-0x00000000051C0000-memory.dmp

          Filesize

          64KB

          Download