b4fba8a4ffa218678ca7cf1f75af4bcb2b6d2ee1880bd9a03e4c51c9030f2e49

Resubmissions

20-04-2024 19:13

max time kernel
22s
max time network
26s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
20-04-2024 19:13

Target

LauncherModMenu v1.12.exe
Size

489KB
MD5

f42bf6d96690525c1736bb2d82e239ce
SHA1

ef66dcc2595d03b717fd664d8dda8a8352142fca
SHA256

b4fba8a4ffa218678ca7cf1f75af4bcb2b6d2ee1880bd9a03e4c51c9030f2e49
SHA512

146961a4d0e319a7606c121fc208722cd9f532b6db9a54443ecb65f46d7c42430f628450d6a0c3b2510308c9b0c8e9d7ed430b0d36a7fe5be24a8690b2b768e7
SSDEEP

12288:SU/qlWEJNgZ3Kcj0PP8oQkbdGy17kDGixc6hsWF76kpjoCe:nqlXJNYacgn/lbdGy0DuqYecR

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4572 set thread context of 2028	4572	LauncherModMenu v1.12.exe	83

Suspicious use of WriteProcessMemory 15 IoCs

description	pid	Process	procid_target
PID 4572 wrote to memory of 4556	4572	LauncherModMenu v1.12.exe	81
PID 4572 wrote to memory of 4556	4572	LauncherModMenu v1.12.exe	81
PID 4572 wrote to memory of 4556	4572	LauncherModMenu v1.12.exe	81
PID 4572 wrote to memory of 4044	4572	LauncherModMenu v1.12.exe	82
PID 4572 wrote to memory of 4044	4572	LauncherModMenu v1.12.exe	82
PID 4572 wrote to memory of 4044	4572	LauncherModMenu v1.12.exe	82
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83
PID 4572 wrote to memory of 2028	4572	LauncherModMenu v1.12.exe	83

C:\Users\Admin\AppData\Local\Temp\LauncherModMenu v1.12.exe
"C:\Users\Admin\AppData\Local\Temp\LauncherModMenu v1.12.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4572
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:4556
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:4044
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:2028

memory/2028-1-0x0000000000400000-0x000000000044F000-memory.dmp

Filesize
316KB

Download
memory/2028-3-0x0000000000400000-0x000000000044F000-memory.dmp

Filesize
316KB

Download
memory/2028-5-0x0000000000400000-0x000000000044F000-memory.dmp

Filesize
316KB

Download
memory/2028-6-0x0000000000400000-0x000000000044F000-memory.dmp

Filesize
316KB

Download
memory/4572-0-0x00000000001F0000-0x000000000026E000-memory.dmp

Filesize
504KB

Download
memory/4572-4-0x00000000001F0000-0x000000000026E000-memory.dmp

Filesize
504KB

Download