1bfb622b855669c21ed5681d4a6ebc2d0f64df35bc4f209946c134f9958d129a

Resubmissions

19/07/2024, 23:55

240719-3ynf2azglf 7

19/07/2024, 23:51

240719-3wbdpawgjn 7

Analysis

max time kernel
1792s
max time network
1164s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
19/07/2024, 23:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

$TEMP/keygen.exe
Size

381KB
MD5

db2e56a4dd188f2d7521ce11481432c0
SHA1

822d5251d42dc56674a59f1e20103990cd8aef8c
SHA256

2f5e714271e5206dafb32d77a69859243e44b85321cc39b985e44303f200a185
SHA512

49762ae5f9dfb95eec33eec6c59ce8e433ed45ee4b4f44b59f22f108b4e29eb9d6e1e641f0569898a651f6ad36d64287ecf87c40aee780c90ae72b714ca10ab8
SSDEEP

6144:Syztgw3QmFzwDK14dHTDtes6MRjLhzjPrzwuyXfTfo:hzh3NeWSzBe3MjLhzjSo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral6/memory/4424-0-0x0000000000400000-0x000000000043C000-memory.dmp	upx
behavioral6/memory/4424-2-0x0000000000400000-0x000000000043C000-memory.dmp	upx

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	4248	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4248	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\$TEMP\keygen.exe
"C:\Users\Admin\AppData\Local\Temp\$TEMP\keygen.exe"
1⤵
PID:4424

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x314
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4424-0-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/4424-1-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-2-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/4424-3-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-5-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-7-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-9-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-11-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-13-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-15-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-17-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-19-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-21-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-23-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-25-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-27-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-29-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-31-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-33-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-35-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-37-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-39-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-41-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-43-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-45-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-47-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-49-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-51-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-53-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-55-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-57-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-59-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-61-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-63-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4424-65-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads