Overview

overview

10

Static

static

3

ImmortaL/Launcher.exe

windows10-2004-x64

1

ImmortaL/W...me.dll

windows10-2004-x64

1

ImmortaL/l...al.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    449s
  • max time network
    452s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-04-2024 21:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ImmortaL/WinRT.Runtime.dll

  • Size

    389KB

  • MD5

    0966745c6b954e7bbd15459756a106c6

  • SHA1

    f6efa62a95b4f40c84341ed58c1d3c8d5af2111d

  • SHA256

    4977a1e6dcee4c3310a68e20f2879cf39b95255e29f3fd7557781e058445cb9b

  • SHA512

    ab8a07fdf72315ffaa49271faca6d0d6523b3480d53fd6f5225fdfcb41ee099e3b401872a684016ed02d347b48eae3467185b6e9dcd16994c0b7e3c562e9a047

  • SSDEEP

    6144:WlOYSCIkSjwAF56b5uuXzAOJPvcFVloAFJpR0krlFo/UkjYPqNHav96iTtq7CYm:WQvCZoKN/DelFo/tNHav96iTtq5m

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ImmortaL\WinRT.Runtime.dll,#1
    1⤵
      PID:840
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:1192
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4748

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4748-0-0x0000015D76640000-0x0000015D76650000-memory.dmp
        Filesize

        64KB

        Download
      • memory/4748-16-0x0000015D76740000-0x0000015D76750000-memory.dmp
        Filesize

        64KB

        Download
      • memory/4748-32-0x0000015D7EA20000-0x0000015D7EA21000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4748-34-0x0000015D7EA50000-0x0000015D7EA51000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4748-35-0x0000015D7EA50000-0x0000015D7EA51000-memory.dmp
        Filesize

        4KB

        Download
      • memory/4748-36-0x0000015D7EB60000-0x0000015D7EB61000-memory.dmp
        Filesize

        4KB

        Download