Overview

overview

3

Static

static

3

xvll.zip

windows7-x64

1

xvll.zip

windows10-2004-x64

1

AutoMax v1...er.exe

windows7-x64

1

AutoMax v1...er.exe

windows10-2004-x64

1

AutoMax v1...xe.xml

windows7-x64

1

AutoMax v1...xe.xml

windows10-2004-x64

1

AutoMax v1...ccount

windows7-x64

1

AutoMax v1...ccount

windows10-2004-x64

1

AutoMax v1...ntName

windows7-x64

1

AutoMax v1...ntName

windows10-2004-x64

1

AutoMax v1...VN.exe

windows7-x64

1

AutoMax v1...VN.exe

windows10-2004-x64

1

AutoMax v1...ources

windows7-x64

1

AutoMax v1...ources

windows10-2004-x64

1

AutoMax v1..._extra

windows7-x64

1

AutoMax v1..._extra

windows10-2004-x64

1

AutoMax v1...s.json

windows7-x64

3

AutoMax v1...s.json

windows10-2004-x64

3

AutoMax v1...config

windows7-x64

3

AutoMax v1...config

windows10-2004-x64

3

AutoMax v1...assets

windows7-x64

3

AutoMax v1...assets

windows10-2004-x64

3

AutoMax v1...es.dat

windows7-x64

3

AutoMax v1...es.dat

windows10-2004-x64

3

AutoMax v1...tor.js

windows7-x64

1

AutoMax v1...tor.js

windows10-2004-x64

1

AutoMax v1...ne.xml

windows7-x64

1

AutoMax v1...ne.xml

windows10-2004-x64

1

AutoMax v1...gs.xml

windows7-x64

1

AutoMax v1...gs.xml

windows10-2004-x64

1

AutoMax v1...rowser

windows7-x64

3

AutoMax v1...rowser

windows10-2004-x64

3

Analysis

  • max time kernel
    151s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/03/2024, 16:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoMax v1.0.5 - Cracked by ElectroHeavenVN/AutoMaxManager.exe

  • Size

    2.3MB

  • MD5

    448779be5cfbe0ddd46948f5ac7bf6fb

  • SHA1

    43bf920c9a59b364ca3915ed63f3d21c9ff06a41

  • SHA256

    263dc4e20f200822946894019d532c82fe303104aacf9fd30fb254440657c512

  • SHA512

    45a1514b91ddcbd932ad00bd995a3a47e5aa7a5bbf1b7a4d99df0ce1e1901ae53431956f61736e4e8fe5937e21141c7d2ea49f90087f36f2ffbef0c7e7e8d0cd

  • SSDEEP

    49152:rviigdGRFxDB0bSvZFGapy5ONVSbKmkvAjddpllmz:9gUkbSvZzYoWkvypK

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AutoMax v1.0.5 - Cracked by ElectroHeavenVN\AutoMaxManager.exe
    "C:\Users\Admin\AppData\Local\Temp\AutoMax v1.0.5 - Cracked by ElectroHeavenVN\AutoMaxManager.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1108-0-0x00000221A0D40000-0x00000221A0F84000-memory.dmp

    Filesize

    2.3MB

    Download

  • memory/1108-1-0x00007FFD18D40000-0x00007FFD19801000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1108-2-0x00000221A2D70000-0x00000221A2D80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1108-3-0x00000221A2AE0000-0x00000221A2AE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1108-5-0x00007FFD18D40000-0x00007FFD19801000-memory.dmp

    Filesize

    10.8MB

    Download