Analysis

  • max time kernel
    51s
  • max time network
    51s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-06-2024 17:31

General

  • Target

    Lossless Scaling 2.9/LosslessScaling.exe

  • Size

    962KB

  • MD5

    4c8d9566dc1e5f1eae914a546ee819a0

  • SHA1

    8b16f43b0c84a43eecb24aad51d33795752a3b07

  • SHA256

    b5b9671a6e309afd15a595ca96ce2d294f26519c73e68c4909418a3129c6db68

  • SHA512

    5a7ded63ec2c6d3320d14bdc876c4f51c1a7c6e1c8a89028f646c03a2b393262db3b16d66b58903a83f0aa34218a8649aeeec0cf49a0ac9a404d29336bf85532

  • SSDEEP

    12288:ixNRPEDS4MCLSyf6mOuGyW38yHJc+CKtOaO5Z7WhaGwnzE4ZbuRCwmhI2J+0sDw8:irRWtMCLPf1Oi32OvzTo4ZiRlT/vl

Score
1/10

Malware Config

Signatures

  • Modifies Control Panel (1 IoC)
  • Suspicious behavior: EnumeratesProcesses (2 IoCs)
  • Suspicious use of AdjustPrivilegeToken (1 IoC)
  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\LosslessScaling.exe
    "C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\LosslessScaling.exe"
    • Modifies Control Panel
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:848

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml

    Filesize

    2KB

    MD5

    9722d4173cdb869a507c57629b6aecdd

    SHA1

    e816426039ca9a684a60b8923780550c19c85ccd

    SHA256

    5d1b53f734db6ae2c37c6dbbeefa03c6745dd033c7b55ffeeb03a11aae6bc8c2

    SHA512

    488e3a82ffba4f8d4e5eca9c3d81302e075bfc2c2319fe9c1d3c1d6025c2b0ddc752dd53d06a6cebab1fc0720a0e11068b2295d683069db6a33aadb06e3438d7
