dcd24679d275c054977dbffadb5a07fb4783331b0ed6124fc8ab9bcc2ad7794b

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 04:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
Size

899KB
MD5

ceb24852ab64d387f70ec38fff4f5e6f
SHA1

c61704091a80f99ebde321900125f28339d8b568
SHA256

16246ca4e0966c57aec6cfe751bf0869f09edb503ebf53399b78e8397761161f
SHA512

83c7e2ee55e448387b7bab3a260dccca900b94cf326bb2090d51226e0af4d9710f4d0b2224a2cedf1d880ed08ddce777f9891ff800188869213354f852898c71
SSDEEP

12288:fxhy5jLjqux1ANWEEsoO8CHieL1Gb27HRVIHuZH6l6CPQp03Vng/6Bl5JX5VV9:f21n1ATNH7xGbSxVYuFAu0ZFlfX5D9

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2348	Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe

C:\Users\Admin\AppData\Local\Temp\Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe
"C:\Users\Admin\AppData\Local\Temp\Battlefleet Gothic Armada 2 V9350 Trainer +9 MrAntiFun.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2348-0-0x000007FEF5D33000-0x000007FEF5D34000-memory.dmp

Filesize
4KB

Download
memory/2348-1-0x000000013F990000-0x0000000140990000-memory.dmp

Filesize
16.0MB

Download
memory/2348-2-0x000007FEF5D30000-0x000007FEF671C000-memory.dmp

Filesize
9.9MB

Download
memory/2348-5-0x000007FEF5D30000-0x000007FEF671C000-memory.dmp

Filesize
9.9MB

Download
memory/2348-6-0x000007FEF5D33000-0x000007FEF5D34000-memory.dmp

Filesize
4KB

Download
memory/2348-7-0x000007FEF5D30000-0x000007FEF671C000-memory.dmp

Filesize
9.9MB

Download
memory/2348-8-0x000007FEF5D30000-0x000007FEF671C000-memory.dmp

Filesize
9.9MB

Download