f4234a501edcd30d3bc15c983692c9450383b73bdd310059405c5e3a43cc730b

Resubmissions

21/02/2024, 13:23

240221-qmvprafg6x 3

21/02/2024, 13:20

240221-qllqfsfg4t 3

Analysis

max time kernel
45s
max time network
46s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 13:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Fantom.exe
Size

261KB
MD5

7d80230df68ccba871815d68f016c282
SHA1

e10874c6108a26ceedfc84f50881824462b5b6b6
SHA256

f4234a501edcd30d3bc15c983692c9450383b73bdd310059405c5e3a43cc730b
SHA512

64d02b3e7ed82a64aaac1f74c34d6b6e6feaac665ca9c08911b93eddcec66595687024ec576e74ea09a1193ace3923969c75de8733859835fef45335cf265540
SSDEEP

3072:vDKW1LgppLRHMY0TBfJvjcTp5XxG8pt+oSOpE22obq+NYgvPuCEbMBWJxLRiUgV:vDKW1Lgbdl0TBBvjc/M8n35nYgvKjdzi

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2444	Fantom.exe

C:\Users\Admin\AppData\Local\Temp\Fantom.exe
"C:\Users\Admin\AppData\Local\Temp\Fantom.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2444-1-0x0000000074F50000-0x0000000075700000-memory.dmp

Filesize
7.7MB

Download
memory/2444-0-0x0000000002540000-0x0000000002572000-memory.dmp

Filesize
200KB

Download
memory/2444-2-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/2444-3-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/2444-4-0x00000000025E0000-0x0000000002612000-memory.dmp

Filesize
200KB

Download
memory/2444-5-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-6-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-10-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-8-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-12-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-16-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-18-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-14-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-24-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-22-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-28-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-30-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-32-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-34-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-38-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-40-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-36-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-42-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-26-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-44-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-20-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-52-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-58-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-56-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-60-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-54-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-50-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-66-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-64-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-68-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-62-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-48-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-46-0x00000000025E0000-0x000000000260B000-memory.dmp

Filesize
172KB

Download
memory/2444-130-0x0000000002580000-0x0000000002581000-memory.dmp

Filesize
4KB

Download
memory/2444-129-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/2444-131-0x0000000004BA0000-0x0000000005144000-memory.dmp

Filesize
5.6MB

Download
memory/2444-132-0x0000000005150000-0x00000000051E2000-memory.dmp

Filesize
584KB

Download
memory/2444-133-0x0000000005270000-0x000000000527A000-memory.dmp

Filesize
40KB

Download
memory/2444-134-0x0000000074F50000-0x0000000075700000-memory.dmp

Filesize
7.7MB

Download
memory/2444-135-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/2444-136-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/2444-137-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads