Analysis
-
max time kernel
142s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system -
submitted
12/06/2024, 18:48
Static task
static1
Behavioral task
behavioral1
Sample
AutoClickerv3.2.0.zip
Resource
win10v2004-20240508-en
General
-
Target
AutoClickerv3.2.0.zip
-
Size
646KB
-
MD5
c62ddb38f13e5fceed8fcf2cfa5607c9
-
SHA1
af63cfe01be4bd8168e3c2c65bf4ea4a8e02ac98
-
SHA256
43eb23c5036aaaa93d076cc01d09ccc932df41369001835a91f8a9251d31727c
-
SHA512
dfb05511feede5fc526dbe27659c92ecd09872ba8bbe00f56e93190bd03f2a41a18cf47a193344c948368f5b5a8d818cebc9613442fc1284ffd27a045b51a128
-
SSDEEP
12288:BDmCunSRUKCMPVkAcOZSUm8qJhIdbfRofh3J4/5pBwHi66B1gk:rRDCck9OMUIu7a1AXNN1gk
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 5 IoCs
pid   Process
2692  AutoClicker.exe
2692  AutoClicker.exe
2692  AutoClicker.exe
4912  AutoClicker.exe
4912  AutoClicker.exe
-
Suspicious use of SendNotifyMessage 5 IoCs
pid   Process
2692  AutoClicker.exe
2692  AutoClicker.exe
2692  AutoClicker.exe
4912  AutoClicker.exe
4912  AutoClicker.exe
Processes
-
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\AutoClickerv3.2.0.zip
PID:364
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4624,i,1999448010053300448,1112699187621658374,262144 --variations-seed-version --mojo-platform-channel-handle=3404 /prefetch:8
PID:2324
-
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
PID:4400
-
C:\Users\Admin\Desktop\AutoClickerv3.2.0\AutoClicker.exe
"C:\Users\Admin\Desktop\AutoClickerv3.2.0\AutoClicker.exe"
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2692
-
C:\Users\Admin\Desktop\AutoClickerv3.2.0\AutoClicker.exe
"C:\Users\Admin\Desktop\AutoClickerv3.2.0\AutoClicker.exe"
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4912
Network
MITRE ATT&CK Matrix
Downloads