afd25d0b0690efe0e519a962e279c520d9d4f227ce6fe342436ce95373787dc4

Analysis

max time kernel
300s
max time network
170s
platform
windows10-2004_x64
resource
win10v2004-20231222-es
resource tags

arch:x64arch:x86image:win10v2004-20231222-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
11-02-2024 20:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67 options, mod required/Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
Size

1.6MB
MD5

d8d04a49a7ebe94d52daa21380c7f981
SHA1

c61619f51bb3ded298be6ff4f37d657c7f4dee88
SHA256

48000c42895041ab94da59597b322a9afeacac40cbd8d7654115df6eaed44708
SHA512

6aa11b73cbfc871ea23ecc136e2585de98ff2989f6ac20a9db8855df0657024990a4f87cf1dc2413fd49e66c8ce57246f7405911e1b24d22e49727a4aae035e0
SSDEEP

24576:zQIQoxsvHM5QR7iv5Drj43MlCEs9jaPECkDtGQjnEdpDS5C:zQWEHfcvaWs9E/kwonQ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2676	Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\67 options, mod required\Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\67 options, mod required\Monster Hunter World v20200109-v20201001 Plus 67 Trainer.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2676-0-0x000001784D330000-0x000001784D362000-memory.dmp

Filesize
200KB

Download
memory/2676-1-0x00007FF8FD9D0000-0x00007FF8FE491000-memory.dmp

Filesize
10.8MB

Download
memory/2676-2-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-3-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-4-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-5-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-6-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-7-0x000001786A850000-0x000001786A952000-memory.dmp

Filesize
1.0MB

Download
memory/2676-11-0x000001786A500000-0x000001786A600000-memory.dmp

Filesize
1024KB

Download
memory/2676-12-0x000001786A500000-0x000001786A600000-memory.dmp

Filesize
1024KB

Download
memory/2676-19-0x00007FF8FD9D0000-0x00007FF8FE491000-memory.dmp

Filesize
10.8MB

Download
memory/2676-20-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-21-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-22-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-23-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-24-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-25-0x0000017865E20000-0x0000017865E30000-memory.dmp

Filesize
64KB

Download
memory/2676-26-0x000001786A500000-0x000001786A600000-memory.dmp

Filesize
1024KB

Download
memory/2676-27-0x000001786A500000-0x000001786A600000-memory.dmp

Filesize
1024KB

Download