c94007fa3ff3c472cc4eaaee9402c021f33cf6294bee917674a43f1b80acffcb

Analysis

max time kernel
142s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11-07-2024 12:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WinRAR.v3.90.Keyfile.Maker.Only-FFF/Keygen.exe
Size

197KB
MD5

19514e0615731fddc85fb79e08ab216a
SHA1

b43bd473e2bacde1251a024582061c02d29dfd7c
SHA256

52f1fe9c82c4fdd8bc0f4c349fed13b7e27eeadf06bfeda1cd33f3e4a6a2d1fe
SHA512

9f809e4b47903858b393b800fecadd7a8b28cd28e3867b42c38f345553b5bf5e926c94365db0e180ddc654f38ff4b99648ee1aa444c9a9f4cbc64914babd3732
SSDEEP

6144:UD1YoBTG2m5uKyGQaDonABtK2bLjw8zh:UDKo5m5d3DcABtBjwuh

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3192	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3192	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\WinRAR.v3.90.Keyfile.Maker.Only-FFF\Keygen.exe
"C:\Users\Admin\AppData\Local\Temp\WinRAR.v3.90.Keyfile.Maker.Only-FFF\Keygen.exe"
1⤵
PID:3952

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x414 0x4a0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3952-0-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-1-0x00000000001D0000-0x00000000001D2000-memory.dmp

Filesize
8KB

Download
memory/3952-2-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-3-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-4-0x00000000001D0000-0x00000000001D2000-memory.dmp

Filesize
8KB

Download
memory/3952-5-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-6-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-7-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-8-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-9-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-10-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-11-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-12-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-13-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-14-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-15-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download
memory/3952-16-0x0000000000400000-0x000000000045C000-memory.dmp

Filesize
368KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads