Overview

overview

7

Static

static

3

425f8e3a07...18.exe

windows7-x64

7

425f8e3a07...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

Mythic_Marbles_CH.exe

windows7-x64

3

Mythic_Marbles_CH.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

�...��.lnk

windows7-x64

3

�...��.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2024, 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Mythic_Marbles_CH.exe

  • Size

    5.5MB

  • MD5

    9dfb3dbd207f1ed6c769b072987eb994

  • SHA1

    14bb24a7ab9d7c040f3fce88d31b9263cbeae8c2

  • SHA256

    ba48b005cc9b65d71d78cad6ad797c6dc0a8a37639c2ac778e515024965c9a70

  • SHA512

    6973cad973f17e84f970b020bbb7c8dbcc9fe0a8fb7a8ae214389c32b94eed7fc554bced88ab3fd18f7576e87d9566dd8fe9c943abf3e07c91eb67e8605d2aa7

  • SSDEEP

    98304:pxhMfR6t3en0VgoflW1/iWTi1aJD5Sc+WwSCifbcr4bdWrFWUxP3CcXMk4LqbKRP:SfA3BVdk/vrScJDVfbMydkFnpa+bxDyJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Mythic_Marbles_CH.exe
    "C:\Users\Admin\AppData\Local\Temp\Mythic_Marbles_CH.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1512
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x38c 0x310
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1512-0-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-1-0x0000000000401000-0x00000000004FD000-memory.dmp

    Filesize

    1008KB

    Download

  • memory/1512-15-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-16-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-17-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-18-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-19-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-20-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-21-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-22-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-23-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-24-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-25-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-26-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-27-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1512-28-0x0000000000400000-0x0000000000570000-memory.dmp

    Filesize

    1.4MB

    Download