Analysis

  • max time kernel
    154s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/03/2024, 19:43

General

  • Target

    Setup.exe

  • Size

    179KB

  • MD5

    53db797144ee628724f76a07917f4e4b

  • SHA1

    16444fb48395f8d62eaba81928644bee887ff8f8

  • SHA256

    61438af9cd79ad931a95c2031542ecf28f03f74a8b1211b9e58072925083a9ad

  • SHA512

    94c63780f4ceae3fc10ead6de65deaa72d7a76bf477be1840871dc7a45423eddebb9b09a113c6214a08b67563ddf11dbc33dc073a83a36787171c8b3c9a6c2ed

  • SSDEEP

    3072:PYSqXo1jT7uduk58NU99TBCOaJ/iTuu4kOXDM0zqL1cdFfnqncEN41EMXQ3By:t1jT2eUTraJ/iTuJlDMQMFn9MyBy

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3208
    • C:\Windows\SysWOW64\msiexec.exe
      msiexec.exe /i "Pro Evolution Soccer 2013.msi"
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      PID:2836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads