09a867908ba89d9dcde866a2cb15f3e630ab7f2b3b0e3ee2a8495efb681345e3

Analysis

max time kernel
73s
max time network
19s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/02/2024, 21:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

midnight-scp-launcher (11).exe
Size

7.7MB
MD5

b95919105b69f0e23fbc859b19edbce3
SHA1

8055c2883395ea88749d3f667022e1b06b3c86f6
SHA256

09a867908ba89d9dcde866a2cb15f3e630ab7f2b3b0e3ee2a8495efb681345e3
SHA512

5d9255137931387d57c9f5d8b5e3d201e57b848be4bc6617f36130eb05c4ebd601f098706b5269b83cb5e47a9a4edf65f702bebd6422bcaa70d7909149c74d70
SSDEEP

196608:KZ0P39jMqwQrneMKPB9mRdb7kUavk6CyvKeCk:hP39twIV2edboFpW

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 62 IoCs

pid	Process
2288	midnight-scp-launcher (11).exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2652	taskmgr.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2652	taskmgr.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe
2652	taskmgr.exe

C:\Users\Admin\AppData\Local\Temp\midnight-scp-launcher (11).exe
"C:\Users\Admin\AppData\Local\Temp\midnight-scp-launcher (11).exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2288

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2288-8-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-7-0x0000000077850000-0x0000000077852000-memory.dmp

Filesize
8KB

Download
memory/2288-6-0x0000000077840000-0x0000000077842000-memory.dmp

Filesize
8KB

Download
memory/2288-4-0x000000013FF10000-0x0000000140D73000-memory.dmp

Filesize
14.4MB

Download
memory/2288-2-0x0000000077840000-0x0000000077842000-memory.dmp

Filesize
8KB

Download
memory/2288-0-0x0000000077840000-0x0000000077842000-memory.dmp

Filesize
8KB

Download
memory/2288-10-0x0000000077850000-0x0000000077852000-memory.dmp

Filesize
8KB

Download
memory/2288-12-0x0000000077850000-0x0000000077852000-memory.dmp

Filesize
8KB

Download
memory/2288-13-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-14-0x0000000077860000-0x0000000077862000-memory.dmp

Filesize
8KB

Download
memory/2288-18-0x0000000077860000-0x0000000077862000-memory.dmp

Filesize
8KB

Download
memory/2288-16-0x0000000077860000-0x0000000077862000-memory.dmp

Filesize
8KB

Download
memory/2288-19-0x0000000077870000-0x0000000077872000-memory.dmp

Filesize
8KB

Download
memory/2288-23-0x0000000077870000-0x0000000077872000-memory.dmp

Filesize
8KB

Download
memory/2288-21-0x0000000077870000-0x0000000077872000-memory.dmp

Filesize
8KB

Download
memory/2288-24-0x0000000077880000-0x0000000077882000-memory.dmp

Filesize
8KB

Download
memory/2288-27-0x0000000077880000-0x0000000077882000-memory.dmp

Filesize
8KB

Download
memory/2288-26-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-29-0x0000000077880000-0x0000000077882000-memory.dmp

Filesize
8KB

Download
memory/2288-30-0x0000000077890000-0x0000000077892000-memory.dmp

Filesize
8KB

Download
memory/2288-31-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-33-0x0000000077890000-0x0000000077892000-memory.dmp

Filesize
8KB

Download
memory/2288-37-0x00000000778A0000-0x00000000778A2000-memory.dmp

Filesize
8KB

Download
memory/2288-39-0x00000000778A0000-0x00000000778A2000-memory.dmp

Filesize
8KB

Download
memory/2288-36-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-35-0x0000000077890000-0x0000000077892000-memory.dmp

Filesize
8KB

Download
memory/2288-41-0x00000000778A0000-0x00000000778A2000-memory.dmp

Filesize
8KB

Download
memory/2288-42-0x00000000778B0000-0x00000000778B2000-memory.dmp

Filesize
8KB

Download
memory/2288-45-0x00000000778B0000-0x00000000778B2000-memory.dmp

Filesize
8KB

Download
memory/2288-44-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-48-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-49-0x00000000778C0000-0x00000000778C2000-memory.dmp

Filesize
8KB

Download
memory/2288-47-0x00000000778B0000-0x00000000778B2000-memory.dmp

Filesize
8KB

Download
memory/2288-55-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-54-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/2288-53-0x00000000778C0000-0x00000000778C2000-memory.dmp

Filesize
8KB

Download
memory/2288-51-0x00000000778C0000-0x00000000778C2000-memory.dmp

Filesize
8KB

Download
memory/2288-57-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/2288-59-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/2288-61-0x000000013FF10000-0x0000000140D73000-memory.dmp

Filesize
14.4MB

Download
memory/2288-60-0x00000000778E0000-0x00000000778E2000-memory.dmp

Filesize
8KB

Download
memory/2288-64-0x00000000778E0000-0x00000000778E2000-memory.dmp

Filesize
8KB

Download
memory/2288-63-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-66-0x00000000778E0000-0x00000000778E2000-memory.dmp

Filesize
8KB

Download
memory/2288-67-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-70-0x00000000778F0000-0x00000000778F2000-memory.dmp

Filesize
8KB

Download
memory/2288-68-0x00000000778F0000-0x00000000778F2000-memory.dmp

Filesize
8KB

Download
memory/2288-72-0x00000000778F0000-0x00000000778F2000-memory.dmp

Filesize
8KB

Download
memory/2288-74-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-73-0x0000000077900000-0x0000000077902000-memory.dmp

Filesize
8KB

Download
memory/2288-76-0x0000000077900000-0x0000000077902000-memory.dmp

Filesize
8KB

Download
memory/2288-80-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-85-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-91-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-97-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-104-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-107-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2288-108-0x0000000077690000-0x0000000077839000-memory.dmp

Filesize
1.7MB

Download
memory/2652-109-0x0000000140000000-0x00000001405E8000-memory.dmp

Filesize
5.9MB

Download
memory/2652-110-0x0000000140000000-0x00000001405E8000-memory.dmp

Filesize
5.9MB

Download
memory/2652-111-0x0000000140000000-0x00000001405E8000-memory.dmp

Filesize
5.9MB

Download