Overview

overview

4

Static

static

3

MCENTERS 5....0.exe

windows7-x64

1

MCENTERS 5....0.exe

windows10-2004-x64

1

MCENTERS 5...64.exe

windows7-x64

4

MCENTERS 5...64.exe

windows10-2004-x64

4

MCENTERS 5...86.exe

windows7-x64

4

MCENTERS 5...86.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    137s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-06-2024 19:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MCENTERS 5.0/MCenters 5.0.exe

  • Size

    249KB

  • MD5

    4ca328d332c4aa17ca7032dad1b45b00

  • SHA1

    f0e94f2fb686fc4670d61b3f6631541d266a3918

  • SHA256

    485a89a78b8af031106f2b6052e2447b2fb7a6300129dbca4ff554adb9b24c1d

  • SHA512

    fc21c3f80ff5eec11c335d67d519fdf19339bafd79fcd0b00cf30a8c77a3e51223c99fd99389388bd5b9531815db0a2d5f7ad22a7c58fd27d1509289ba82ed4d

  • SSDEEP

    3072:uUhELNdJqNOXJfBkWRWdQ831x6wpl3ny2zXeV2nU0ssiyV+WPrfcVblcZSuQ:uZL7kwXp6jyADnUUiScZOZSu

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MCENTERS 5.0\MCenters 5.0.exe
    "C:\Users\Admin\AppData\Local\Temp\MCENTERS 5.0\MCenters 5.0.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5080
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3716 --field-trial-handle=2252,i,16504368816373493055,9578615028378602855,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4696

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5080-0-0x00007FFC4E983000-0x00007FFC4E985000-memory.dmp

      Filesize

      8KB

      Download

    • memory/5080-1-0x00007FF652470000-0x00007FF6524B4000-memory.dmp

      Filesize

      272KB

      Download

    • memory/5080-2-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-3-0x00007FFC4E983000-0x00007FFC4E985000-memory.dmp

      Filesize

      8KB

      Download

    • memory/5080-4-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-5-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-6-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-7-0x000001A964E40000-0x000001A964E48000-memory.dmp

      Filesize

      32KB

      Download

    • memory/5080-8-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-9-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5080-10-0x000001A964EC0000-0x000001A964EF8000-memory.dmp

      Filesize

      224KB

      Download

    • memory/5080-11-0x000001A964E90000-0x000001A964E9E000-memory.dmp

      Filesize

      56KB

      Download

    • memory/5080-12-0x00007FFC4E980000-0x00007FFC4F441000-memory.dmp

      Filesize

      10.8MB

      Download