Overview

overview

8

Static

static

3

Voicechang...er.exe

windows11-21h2-x64

8

$PLUGINSDI...Vs.dll

windows11-21h2-x64

3

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...up.exe

windows11-21h2-x64

7

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDIR/setup.exe

windows11-21h2-x64

1

$PLUGINSDI...ll.exe

windows11-21h2-x64

7

$PLUGINSDI...Vs.dll

windows11-21h2-x64

3

$PLUGINSDI...ib.dll

windows11-21h2-x64

3

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...ry.dll

windows11-21h2-x64

3

$PLUGINSDI...ll.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    1760s
  • max time network
    1776s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15-06-2024 11:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/setup.exe

  • Size

    3.5MB

  • MD5

    f6bb34a27df7b73ef84a3304b20e7f3f

  • SHA1

    b34131154d5898ee719d9d1f298f030269452ce2

  • SHA256

    e4bd75baf65899986814fa18a7b12832a425a856c4b807dd65e447d94d826fde

  • SHA512

    7669da93a821e3b139b2097144e6613a632efa91e14077d935b83b51695dd9a825a7de9b500fcd4df21897a92b699ca97c977cfd3c4a61d19879cd3efe47056f

  • SSDEEP

    98304:LHPttYZbwA2PNbMzSbwy9SbwgRqH5X3ng8nWIQ:LPYby9yqZXXg8BQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\setup.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4092-0-0x000000007472E000-0x000000007472F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4092-1-0x0000000000A90000-0x0000000000E10000-memory.dmp

    Filesize

    3.5MB

    Download

  • memory/4092-2-0x0000000074720000-0x0000000074ED1000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4092-5-0x0000000074720000-0x0000000074ED1000-memory.dmp

    Filesize

    7.7MB

    Download