Analysis
- max time kernel: 12s
- max time network: 17s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 12-02-2024 19:28

Static task: static1
Behavioral task: behavioral1
Sample: MonolithPatcher.exe
Resource: win10v2004-20231215-en

General
- Target: MonolithPatcher.exe
- Size: 2.9MB

Signatures
- Loads dropped DLL (2 IoCs)
  Processes (pid, process):
  2912 MonolithPatcher.exe
  2912 MonolithPatcher.exe
- Suspicious use of NtSetInformationThreadHideFromDebugger (2 IoCs)
  Processes (pid, process):
  2912 MonolithPatcher.exe
  2912 MonolithPatcher.exe
- Suspicious behavior: EnumeratesProcesses (1 IoC)
  Processes (pid, process):
  2912 MonolithPatcher.exe
- Suspicious use of AdjustPrivilegeToken (1 IoC)
  Processes (description, pid, process):
  Token: SeDebugPrivilege, 2912 MonolithPatcher.exe

Downloads
- Filesize: 1KB