Analysis

  • max time kernel
    271s
  • max time network
    276s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27-06-2024 15:24

General

  • Target

    http://peakoin.com

Score
1/10

Signatures

  • Enumerates system info in registry (2 TTPs, 3 IoCs)
  • Modifies data under HKEY_USERS (2 IoCs)
  • Suspicious behavior: EnumeratesProcesses (4 IoCs)
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (4 IoCs)
  • Suspicious use of AdjustPrivilegeToken (64 IoCs)
  • Suspicious use of FindShellTrayWindow (26 IoCs)
  • Suspicious use of SendNotifyMessage (24 IoCs)
  • Suspicious use of WriteProcessMemory (64 IoCs)

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://peakoin.com
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4996
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffccef1ab58,0x7ffccef1ab68,0x7ffccef1ab78
      PID:1564
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:2
      PID:3584
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:8
      PID:2720
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:8
      PID:4696
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2912 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:1
      PID:3628
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:1
      PID:5012
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4356 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:1
      PID:992
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:8
      PID:4520
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:8
      PID:4524
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2568 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:1
      PID:3068
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 --field-trial-handle=1908,i,9987639246946011279,3332922456169778855,131072 /prefetch:2
      • Suspicious behavior: EnumeratesProcesses
      PID:2484
  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
    PID:1080

Downloads
