Analysis
-
max time kernel
117s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
01/03/2024, 21:57
Static task
static1
Behavioral task
behavioral1
Sample
Aimbot Resounls..scr
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Aimbot Resounls..scr
Resource
win10v2004-20240226-en
19 signatures
150 seconds
General
-
Target
Aimbot Resounls..scr
-
Size
351KB
-
MD5
13d1fc17b74fdbe39d0141d4f5e2b6db
-
SHA1
0c48d2d21eff6bc55fefe111b25e81fcc27e25a5
-
SHA256
194c0a05958c8ead4bfa916ace6e1a5acdb7f433ce57c1d48abc9160a6bca4e5
-
SHA512
3eaf731772e1c1386a84eae459ca1d8cb81fa8d79be1cb91f5e8678e9861a687178007e881a0fd03d116c597918e3a5f580a5060e32dc0faeeee22ebe1ac3b0c
-
SSDEEP
6144:haxxiw0qvLJXnlUGujCtjno6itQl+REw6FMG/UHQS8PUHIRA8yVYtFm6axHUZ:hukqjVnl36ud0zR/6CtQ9PUHIG8Dn
Score
6/10
Malware Config
Signatures
-
Looks up external IP address via web service 2 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
flow ioc 2 ipinfo.io 3 ipinfo.io -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2016 Aimbot Resounls..scr