Analysis

max time kernel: 150s
max time network: 148s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 28-06-2024 19:04

Behavioral task: behavioral1
Sample: Shiba Genisis Loader.exe
Resource: win7-20240611-en
3 signatures
150 seconds
General

Target: Shiba Genisis Loader.exe
Size: 63KB
MD5: 8406bf53e6f2457c5fffb895943b04c1
SHA1: c496e3ab44710259f5d9a5153d4471c2cfc6184f
SHA256: a55c7ed8b626f509f1db86fb6be1823a6bdf54b47c73a348cfe70c36e8b45d82
SHA512: 77e81537492c79e62ef92d199f8db61b43f15d3c192472a908f798f10e480434eb14f96e850dc5d4302311bd28895fe862078e0f357ef06d5880e8e1f2d730d5
SSDEEP: 768:jnuguX1wbgyX78dIC8A+XkuazcBRL5JTk1+T4KSBGHmDbD/ph0oXXOP+5Y/9rWS3:rvCCPTDdSJYUbdh9em5Y/7uEdpqKmY7
Malware Config

Extracted
Family: asyncrat
Botnet: Default
C2: 147.185.221.20:36797
Attributes:
  delay: 1
  install: false
  install_folder: %AppData%
  aes.plain
Signatures

Suspicious behavior: EnumeratesProcesses (64 IoCs)
Processes:
  pid   process
  4440  Shiba Genisis Loader.exe   (all 64 entries refer to this same process)

Suspicious use of AdjustPrivilegeToken (1 IoC)
Processes:
  description              pid   process
  Token: SeDebugPrivilege  4440  Shiba Genisis Loader.exe