Overview

overview

10

Static

static

3

21434ba1af...18.exe

windows7-x64

10

21434ba1af...18.exe

windows10-2004-x64

10

AmazonGamesSetup.exe

windows7-x64

6

AmazonGamesSetup.exe

windows10-2004-x64

6

LIXVoWXPPCyc5Jy.exe

windows7-x64

10

LIXVoWXPPCyc5Jy.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    99s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-07-2024 05:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AmazonGamesSetup.exe

  • Size

    1.8MB

  • MD5

    02be3726c0a90958a3c30577d3b3a131

  • SHA1

    bedbab8bd74a9d7313ba32ca033c81ec32c04706

  • SHA256

    1a99f1054e51fe86416c59e5c526d69776fdabd7bb9831dbaab8582322121c7a

  • SHA512

    662eaa8d3b112ef981d27832a2a46b0ecb55e2d1dcf49fe1fbd134e3c4e02758bc9ad3db2e25f53fc174e2083dd278967f405a768fdd814612c9a43bc6d1c713

  • SSDEEP

    49152:G/mvl+01HHWra6IjgKDlUzIzsBKLxYqJKevCnuueO+0D17gM8s:bvUAnWrBq1ABzH

Score
6/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AmazonGamesSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\AmazonGamesSetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3684
    • C:\Users\Admin\AppData\Local\Temp\Amazon Games Setup.exe
      "C:\Users\Admin\AppData\Local\Temp\Amazon Games Setup.exe" "/nopatch"
      2⤵
      • Executes dropped EXE
      PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Amazon Games\Data\Logs\Native\Install_2024-07-03_05-42_0.log
    Filesize

    1KB

    MD5

    3492e47ae90f01ced3332f5ba766e54d

    SHA1

    ee98df4a6ba6441deba67f11c6cc606739677f6d

    SHA256

    bea103ae11831223117890db8c887f3993974c4f36e1d28a167500ef529d3a84

    SHA512

    7cc275a774325ab6a9b0c2495c8f9c864c4541a6a751105e1cb4d954e805ab6415767608cfb54cd2a871e021e5826186efb42f06ceb21b911cf11921c90781af

    Download Submit

  • C:\Users\Admin\AppData\Local\Amazon Games\Data\Logs\Native\Live-Install_2024-07-03_05-42_0.log
    Filesize

    6KB

    MD5

    3fc92f03a907f7efc7f88746b7c56cba

    SHA1

    d3f69ed38285e33f012eabef54390b44bdb16d5e

    SHA256

    5349d99a04c6cba8333b48a4f381e3675124295eb43e4686d8c69ee1c813c27b

    SHA512

    8441ff9e9081f00336a705e37be51437cb65eb38d39b65b82672054bcfbc30e43fb3628fc8bf8886130b8b7d00b09c9013019946728bffb35728128b85e71cf3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Amazon Games Setup.exe
    Filesize

    1.9MB

    MD5

    3f1a9950778e30d7e742506da20c0c14

    SHA1

    e61f35b01bd30aeb144b9136b52239956e0f1d7e

    SHA256

    f6e6eb9e27a83689960f2438d86512092db2532c97d460e9b2e6a23834fa48f3

    SHA512

    43f84f1d28bf6ebbf338970c20ecbb153bdbf4d199d036136663c26a504d6ad454dc18cb108e90b4329c74b483e82b513462e119d1f8df01b2e926e123c38808

    Download Submit