Overview

overview

3

Static

static

3

L4D2 Toolb...ox.exe

windows10-1703-x64

1

L4D2 Toolb...ry.dll

windows10-1703-x64

1

Resubmissions

28-03-2024 00:21

240328-anp8nabg9y 3

28-03-2024 00:15

240328-akac2abg6z 3

Analysis

  • max time kernel
    42s
  • max time network
    36s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    28-03-2024 00:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    L4D2 Toolbox 1.2/L4D2 Toolbox.exe

  • Size

    166KB

  • MD5

    fbafe21dc1519aa27b3bab9990fc9b09

  • SHA1

    f8e9a7f8a6daf045b00b08269a9554236ea866ac

  • SHA256

    99629dc38bdda3f8bf0b923467201f0f27fd3f3812487dce1785353f26e53578

  • SHA512

    53ff3d7e25c8bca894b7d9e5f718bd9b7fbf6cc065272f4cbb0123adefcd642a5b89632ec7d84fe45c0917726391560c546d8b1e91296ea3e77bd5bd7c82a30e

  • SSDEEP

    3072:wPLqsUNXqjW9lWe8NysbXoXAcJXgKUIiCzTOsiNEkrZosEac9bTEsfzA0R8sPpCc:wj2qjWbWe8K/vpfzA0RDiYIgTO30q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 37 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\L4D2 Toolbox 1.2\L4D2 Toolbox.exe
    "C:\Users\Admin\AppData\Local\Temp\L4D2 Toolbox 1.2\L4D2 Toolbox.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3216-1-0x0000000073730000-0x0000000073E1E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/3216-0-0x0000000000030000-0x000000000005E000-memory.dmp

    Filesize

    184KB

    Download

  • memory/3216-2-0x0000000004950000-0x00000000049EC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3216-3-0x0000000004EF0000-0x00000000053EE000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/3216-4-0x00000000049F0000-0x0000000004A82000-memory.dmp

    Filesize

    584KB

    Download

  • memory/3216-5-0x0000000004B80000-0x0000000004B90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3216-6-0x0000000002440000-0x000000000244A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3216-7-0x0000000004A90000-0x0000000004AE6000-memory.dmp

    Filesize

    344KB

    Download

  • memory/3216-8-0x00000000048D0000-0x00000000048E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3216-9-0x0000000004B80000-0x0000000004B90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3216-10-0x0000000073730000-0x0000000073E1E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/3216-11-0x0000000004B80000-0x0000000004B90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3216-12-0x0000000004B80000-0x0000000004B90000-memory.dmp

    Filesize

    64KB

    Download