Overview

overview

7

Static

static

3

374e9db039...02.exe

windows7-x64

7

374e9db039...02.exe

windows10-2004-x64

7

$0/Archive...64.dll

windows7-x64

1

$0/Archive...64.dll

windows10-2004-x64

1

$0/Microso...er.dll

windows7-x64

1

$0/Microso...er.dll

windows10-2004-x64

1

$0/RAVEndP...er.exe

windows7-x64

1

$0/RAVEndP...er.exe

windows10-2004-x64

1

$0/System....te.dll

windows7-x64

1

$0/System....te.dll

windows10-2004-x64

1

$0/System....le.dll

windows7-x64

1

$0/System....le.dll

windows10-2004-x64

1

$0/cs-CZ/R...es.dll

windows7-x64

1

$0/cs-CZ/R...es.dll

windows10-2004-x64

1

$0/da-DK/R...es.dll

windows7-x64

1

$0/da-DK/R...es.dll

windows10-2004-x64

1

$0/de-DE/R...es.dll

windows7-x64

1

$0/de-DE/R...es.dll

windows10-2004-x64

1

$0/de/Micr...es.dll

windows7-x64

1

$0/de/Micr...es.dll

windows10-2004-x64

1

$0/el-GR/R...es.dll

windows7-x64

1

$0/el-GR/R...es.dll

windows10-2004-x64

1

$0/es-ES/R...es.dll

windows7-x64

1

$0/es-ES/R...es.dll

windows10-2004-x64

1

$0/es/Micr...es.dll

windows7-x64

1

$0/es/Micr...es.dll

windows10-2004-x64

1

$0/fi-FI/R...es.dll

windows7-x64

1

$0/fi-FI/R...es.dll

windows10-2004-x64

1

$0/fil-PH/...es.dll

windows7-x64

1

$0/fil-PH/...es.dll

windows10-2004-x64

1

$0/fr-FR/R...es.dll

windows7-x64

1

$0/fr-FR/R...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/06/2024, 07:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $0/RAVEndPointProtection-installer.exe

  • Size

    531KB

  • MD5

    669e4e81a5618a7fffeab4b985ce1120

  • SHA1

    b121199e075c68fb29c401b4a46d5c636c386c06

  • SHA256

    c75abeb794038a9c303115cf5b779c3c011ba03b0e26e7bbbe4b36126788b341

  • SHA512

    aee9c4a00c99b70aee19539afad8155cacc5da4070c01255c4ac68eb0df90c6605b6f70ff41f4b3074374b017ca6480c6a72bdc9e50a3869f3de435705c5e164

  • SSDEEP

    12288:peZFVgIQtZM1A0+Nwhq3drtgZAPe4ZzLSZWs8XlK1Xe:MZF661A0ue8lmZAP3ZzLSZWsklcu

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$0\RAVEndPointProtection-installer.exe
    "C:\Users\Admin\AppData\Local\Temp\$0\RAVEndPointProtection-installer.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3728

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3728-0-0x00007FF83DF33000-0x00007FF83DF35000-memory.dmp

          Filesize

          8KB

          Download

        • memory/3728-1-0x000002BAAB300000-0x000002BAAB386000-memory.dmp

          Filesize

          536KB

          Download

        • memory/3728-2-0x000002BAACF50000-0x000002BAACF8E000-memory.dmp

          Filesize

          248KB

          Download

        • memory/3728-3-0x000002BAACF90000-0x000002BAACFC0000-memory.dmp

          Filesize

          192KB

          Download

        • memory/3728-5-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-4-0x000002BAC70A0000-0x000002BAC70D8000-memory.dmp

          Filesize

          224KB

          Download

        • memory/3728-6-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-7-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-8-0x000002BAC70E0000-0x000002BAC710A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/3728-9-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-10-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-11-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-12-0x000002BACAD30000-0x000002BACAD38000-memory.dmp

          Filesize

          32KB

          Download

        • memory/3728-13-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-15-0x000002BACAD60000-0x000002BACAD6E000-memory.dmp

          Filesize

          56KB

          Download

        • memory/3728-14-0x000002BACB2F0000-0x000002BACB328000-memory.dmp

          Filesize

          224KB

          Download

        • memory/3728-16-0x00007FF83DF33000-0x00007FF83DF35000-memory.dmp

          Filesize

          8KB

          Download

        • memory/3728-17-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-18-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/3728-19-0x00007FF83DF30000-0x00007FF83E9F1000-memory.dmp

          Filesize

          10.8MB

          Download