Overview

overview

3

Static

static

3

gamesense.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    04-06-2024 12:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gamesense.exe

  • Size

    690KB

  • MD5

    1b9eca70107203da6238a845cf17fddc

  • SHA1

    2e75e1f8affd2b3681015a5d4afe0e4810bfa567

  • SHA256

    2f411bec080f0d94a74c6cb095d793b00086375c98a6eba78e9f1c7dbd3d66d1

  • SHA512

    a67b4e86046dd9e1ab48d7226e536e52d41ba3f5b1cf18a1f9f1990d0f0db3b9b301b7b93a3847fd3be5305dff97734c4179eb5fa0a55c0465c299c478a62ce4

  • SSDEEP

    12288:/7lJcT1a7pu2JnRywZYj7lJcT1a7pu2JnRywZYH:/7lJe2Jn5ZYj7lJe2Jn5ZYH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\gamesense.exe
    "C:\Users\Admin\AppData\Local\Temp\gamesense.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2920-0-0x000000007488E000-0x000000007488F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2920-1-0x00000000006A0000-0x0000000000754000-memory.dmp

    Filesize

    720KB

    Download

  • memory/2920-2-0x0000000005780000-0x0000000005D26000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2920-3-0x0000000005270000-0x0000000005302000-memory.dmp

    Filesize

    584KB

    Download

  • memory/2920-4-0x0000000005210000-0x000000000521A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2920-5-0x0000000074880000-0x0000000075031000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2920-6-0x0000000074880000-0x0000000075031000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2920-7-0x000000007488E000-0x000000007488F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2920-8-0x0000000074880000-0x0000000075031000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2920-9-0x0000000074880000-0x0000000075031000-memory.dmp

    Filesize

    7.7MB

    Download