Analysis
-
max time kernel
79s -
max time network
78s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
14/06/2024, 11:28
General
-
Target
Install VALORANT.exe
-
Size
68.3MB
-
MD5
7da818565aa08d22e5950cbe28d5c215
-
SHA1
82e382af13d7f3f8c5bea56faeeea0566883931c
-
SHA256
e5859eb1dfa66e5d40908e0fc6901d7c2f5bd84fb6df5a3b432e34576e04cebd
-
SHA512
afa921057b4953b4fbb88c17d7b2c3cb80c59d4bca9e776d590e2693a5af3d6861592d302f9f349e6bc03f3555e77b6f033d17c33143c8dce104f6a8fc80904a
-
SSDEEP
1572864:sgs99CzSp8d0UNl/Ywrt9E7lzPFUKBBJDIVIbjSp1xe:/6p8dnAthBBJDIVRj
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe"C:\Users\Admin\AppData\Local\Temp\Install VALORANT.exe" --agent --riotclient-app-port=60389 --riotclient-auth-token=Oo8pD-ifvc6iLtJTwjV96g --app-root=C:/Users/Admin/AppData/Local/Temp "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=d809d832-c9e3-0a44-9c6d-81dd04ed4b3d2⤵
- Suspicious use of AdjustPrivilegeToken
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
39B
MD5bc6d66626aeb0b0217b05a7796536196
SHA187a587d4f371280567ccf502c4edd394abc1fe78
SHA256a495f4fc0fb610ca73328f20417e32716f764f98bd0e69829dbd20d921fb8078
SHA51230cf63d5783f6ecdfd72a42709c38c138306591f3e2302a070618efed56e1e9e572d3c94da310b3777922740d03b4fd15b562aa666727f9d102d7024b0296cf3