Overview
overview
7Static
static
39c3d6192ba...d4.exe
windows7-x64
39c3d6192ba...d4.exe
windows10-2004-x64
7$TEMP/gikW...EC.exe
windows7-x64
1$TEMP/gikW...EC.exe
windows10-2004-x64
1Users/�...re.dll
windows7-x64
1Users/�...re.dll
windows10-2004-x64
1Users/�...UI.dll
windows7-x64
1Users/�...UI.dll
windows10-2004-x64
1Users/�...nds.js
windows7-x64
1Users/�...nds.js
windows10-2004-x64
1Users/�...at.exe
windows7-x64
1Users/�...at.exe
windows10-2004-x64
1Users/�...is.dll
windows7-x64
1Users/�...is.dll
windows10-2004-x64
1Users/�...eel.js
windows7-x64
1Users/�...eel.js
windows10-2004-x64
1Users/�...ci.dll
windows7-x64
1Users/�...ci.dll
windows10-2004-x64
1Users/�...up.msi
windows7-x64
1Users/�...up.msi
windows10-2004-x64
1Analysis
-
max time kernel
133s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
14-02-2024 17:25
Static task
static1
Behavioral task
behavioral1
Sample
9c3d6192ba68e46624894e4f0136d8d4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9c3d6192ba68e46624894e4f0136d8d4.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
$TEMP/gikWp/rdxYDEC.exe
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
$TEMP/gikWp/rdxYDEC.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
Users//Desktop//WMPDMCCore.dll
Resource
win7-20231215-en
Behavioral task
behavioral6
Sample
Users//Desktop//WMPDMCCore.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral7
Sample
Users//Desktop//WMPNSSUI.dll
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
Users//Desktop//WMPNSSUI.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
Users//Desktop//bot/Battlegrounds.js
Resource
win7-20231215-en
Behavioral task
behavioral10
Sample
Users//Desktop//bot/Battlegrounds.js
Resource
win10v2004-20231222-en
Behavioral task
behavioral11
Sample
Users//Desktop//cheat.exe
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
Users//Desktop//cheat.exe
Resource
win10v2004-20231222-en
Behavioral task
behavioral13
Sample
Users//Desktop//mpvis.dll
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
Users//Desktop//mpvis.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral15
Sample
Users//Desktop//topmon/LookNFeel.js
Resource
win7-20231215-en
Behavioral task
behavioral16
Sample
Users//Desktop//topmon/LookNFeel.js
Resource
win10v2004-20231215-en
Behavioral task
behavioral17
Sample
Users//Desktop//wmpnssci.dll
Resource
win7-20231215-en
Behavioral task
behavioral18
Sample
Users//Desktop//wmpnssci.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral19
Sample
Users///setup.msi
Resource
win7-20231215-en
Behavioral task
behavioral20
Sample
Users///setup.msi
Resource
win10v2004-20231215-en
General
-
Target
Users///setup.msi
-
Size
3.1MB
-
MD5
406c23ce101efd2582df3e7642e8366a
-
SHA1
1246f899d64cf894739c89a73609f83d15f31c46
-
SHA256
a523df66f5072161ff822a197959e7175fd47e23db30f4dcc8e72c711c1be520
-
SHA512
1d5ba58b94983aa549243ce21cc4e6ffa3ac98d09c02c4e6b265cf393b9cc10e905e2443f8e62e27e34bd9106b4d7e490555ede961bdb6939be3872074cd2851
-
SSDEEP
98304:KddXq1DEEwN0ItLyrsewa++tkqe+9qQZiwh9n:Gq1DSJkkqe+QQZff
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeShutdownPrivilege 4496 msiexec.exe Token: SeIncreaseQuotaPrivilege 4496 msiexec.exe -
Suspicious use of FindShellTrayWindow 2 IoCs
pid Process 4496 msiexec.exe 4496 msiexec.exe