1c014b12fab6e83c2f63ec35c5848bf2543587c75df21c156593988fb91f8996

Analysis

max time kernel
122s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
20/07/2024, 19:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Galaxy Swapper v2.exe
Size

11.9MB
MD5

0d724d904edda3bec5b12aec8ab1a0a0
SHA1

82efbe2b7673acbc76ab488702661d8a4e50e164
SHA256

1c014b12fab6e83c2f63ec35c5848bf2543587c75df21c156593988fb91f8996
SHA512

3736f8e8119d6713295893f88983bdc6361161101fb43abee3db629cfd83dc0881fe6d913113a63997a85372b82f37c14cba32512dd2248037bfc2cd5034e7f7
SSDEEP

196608:6ucphGfnxS3J3w2oEffH9AaHOb6Qe2BZiHhWWiVbMOVvu8ovcLFwi+:xYGfms2v/jGicWiVbMOVvuxvcL+i+

Score

7^/10

Malware Config

Signatures

.NET Reactor proctector 62 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
behavioral2/memory/4924-0-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-10-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-11-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-6-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-14-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-15-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-13-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-12-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-9-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-7-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-4-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-3-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-8-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-5-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-17-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-21-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-24-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-25-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-23-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-22-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-20-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-19-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-18-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-16-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-43-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-45-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-46-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-49-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-52-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-55-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-57-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-63-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-62-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-61-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-59-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-56-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-60-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-58-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-54-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-53-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-50-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-47-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-51-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-48-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-44-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-42-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-41-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-39-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-38-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-36-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-34-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-33-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-31-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-30-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-28-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-27-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-40-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-37-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-35-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-32-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-29-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor
behavioral2/memory/4924-26-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp	net_reactor

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
4924	Galaxy Swapper v2.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4924	Galaxy Swapper v2.exe

C:\Users\Admin\AppData\Local\Temp\Galaxy Swapper v2.exe
"C:\Users\Admin\AppData\Local\Temp\Galaxy Swapper v2.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4924-0-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-10-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-11-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-6-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-14-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-15-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-13-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-12-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-9-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-7-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-4-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-3-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-8-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-5-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-17-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-21-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-24-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-25-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-23-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-22-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-20-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-19-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-18-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-16-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-43-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-45-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-46-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-49-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-52-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-55-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-57-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-63-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-62-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-61-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-59-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-56-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-60-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-58-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-54-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-53-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-50-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-47-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-51-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-48-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-44-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-42-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-41-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-39-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-38-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-36-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-34-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-33-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-31-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-30-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-28-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-27-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-40-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-37-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-35-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-32-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-29-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download
memory/4924-26-0x000001ACB21D0000-0x000001ACB2A30000-memory.dmp

Filesize
8.4MB

Download