Overview

overview

10

Static

static

10

Palworld E...er.exe

windows7-x64

1

Palworld E...er.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    39s
  • max time network
    39s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-02-2024 03:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Palworld Early Access Plus 46 Trainer.exe

  • Size

    2.0MB

  • MD5

    fcc947ed36c445777ea8e220dee5bc0c

  • SHA1

    edb7775eed9d5f5825d0858ecf6b7541f079d656

  • SHA256

    dfd00a68ebacdc4139def9f13a1c70388f57a5c3c0c6c3e4afc93f532fcea77a

  • SHA512

    e43ea3c6b7b3909446f54b429b72041715b49a361afe4847530adf10a987db674dc284b40d81a9f035ae0c35b739be84c2c4467446316ee85cefe4d551a5384d

  • SSDEEP

    49152:JXROAOvyNVRdiTilSD0lkuBKr//XT5XdGY1:JBhMy/R+GlkuB8//D5N91

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Palworld Early Access Plus 46 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\Palworld Early Access Plus 46 Trainer.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4080-0-0x0000024753140000-0x0000024753174000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4080-1-0x00007FFD8EFB0000-0x00007FFD8FA71000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4080-2-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-3-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-4-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-5-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-6-0x0000024771470000-0x0000024771478000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4080-7-0x00000247714F0000-0x0000024771528000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4080-8-0x00000247714C0000-0x00000247714CE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4080-21-0x00007FFD8EFB0000-0x00007FFD8FA71000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4080-22-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-23-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-24-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-25-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4080-26-0x000002476BB70000-0x000002476BB80000-memory.dmp

    Filesize

    64KB

    Download