Overview

overview

10

Static

static

10

afkjourney...c5.exe

windows7-x64

4

afkjourney...c5.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...el.dll

windows7-x64

7

$PLUGINSDI...el.dll

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

7z.dll

windows7-x64

3

7z.dll

windows10-2004-x64

3

AFKJourney...er.exe

windows7-x64

3

AFKJourney...er.exe

windows10-2004-x64

1

AFKJourneyUninst.exe

windows7-x64

4

AFKJourneyUninst.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

CrashSight.dll

windows7-x64

1

CrashSight.dll

windows10-2004-x64

1

hpatchz.exe

windows7-x64

1

hpatchz.exe

windows10-2004-x64

1

resource/lang/ar.js

windows7-x64

3

resource/lang/ar.js

windows10-2004-x64

3

resource/lang/de.js

windows7-x64

3

resource/lang/de.js

windows10-2004-x64

3

resource/lang/en.js

windows7-x64

3

resource/lang/en.js

windows10-2004-x64

3

resource/lang/es.js

windows7-x64

3

resource/lang/es.js

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22-06-2024 18:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AFKJourneyLauncher.exe

  • Size

    8.4MB

  • MD5

    45b6bdf8c267b7f0848df5ce3bdbf170

  • SHA1

    063000bf7d6c8ece7a83bf19ded5c950642a6bd4

  • SHA256

    f04675e786a4ee91467766316241af4970f56c31c7598de738c95042cf503de5

  • SHA512

    26a82ddbb377000ea1c7d5b3cc5e554a2a5c5e968bda9a2c8fc84eac00662e259e206b70611ab28ea21db4cd79813091fa10c0a2a21dfcf3fb12b3069d2afd66

  • SSDEEP

    98304:iAgCwfDwBWvmua4UkN16q1Kg653H6kcaa1Om4XdI8S4URtCGcNtCGcJVxay:iHfsBWvRzF16qKY1YDUr1cf1cTxP

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AFKJourneyLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\AFKJourneyLauncher.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/824-2-0x0000000003130000-0x0000000003157000-memory.dmp

    Filesize

    156KB

    Download

  • memory/824-4-0x0000000075F60000-0x0000000075F70000-memory.dmp

    Filesize

    64KB

    Download