afd8d8d37d356702122236ca272511a8408ec817c33276122641245b034661f6

Resubmissions

21-07-2024 10:07

240721-l5r95azfpn 5

21-07-2024 09:24

240721-lc2m4axelh 10

Analysis

max time kernel
143s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
21-07-2024 09:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe
Size

813KB
MD5

6a7681530b7cd49a24f0e12f609f0635
SHA1

02595be9615b657bbbbfa4f4296a5f905fb6485a
SHA256

afd8d8d37d356702122236ca272511a8408ec817c33276122641245b034661f6
SHA512

66a3e786f8392fff29f5f6611a89f9b6891da3e12e9fff765d7d1336857c86bdc8674f5f2f70ef73a235a837257ec4bfcf7408d533bbb7a26a9a3ad6c9e1c4f8
SSDEEP

12288:IycLHzILbdesTkxgaEfLDRXrIAzhXUj5/PY88KzRrhK7fVIIa4Nd4K6mZvUoy:BcLHiX1akDR7IcXu/Q8rOfVIp32Uo

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4548 set thread context of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1360	2992	WerFault.exe	87

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87
PID 4548 wrote to memory of 2992	4548	SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe	87

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.2334.3801.19434.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4548
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  2⤵
  PID:2992
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2992 -s 580
    3⤵
    - Program crash
    PID:1360

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 2992 -ip 2992
1⤵
PID:5000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4548-0-0x000000007443E000-0x000000007443F000-memory.dmp

Filesize
4KB

Download
memory/4548-1-0x0000000000BD0000-0x0000000000CA2000-memory.dmp

Filesize
840KB

Download
memory/4548-2-0x0000000005C60000-0x0000000006204000-memory.dmp

Filesize
5.6MB

Download
memory/4548-3-0x0000000005750000-0x00000000057E2000-memory.dmp

Filesize
584KB

Download
memory/4548-4-0x00000000056B0000-0x00000000056BA000-memory.dmp

Filesize
40KB

Download
memory/4548-5-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/4548-6-0x0000000005B90000-0x0000000005C4C000-memory.dmp

Filesize
752KB

Download
memory/4548-22-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-7-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-66-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-70-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-68-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-62-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-54-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-52-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-50-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-48-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-46-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-44-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-42-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-38-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-36-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-34-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-33-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-30-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-28-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-64-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-60-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-59-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-56-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-40-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-27-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-24-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-20-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-18-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-16-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-14-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-12-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-10-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-8-0x0000000005B90000-0x0000000005C46000-memory.dmp

Filesize
728KB

Download
memory/4548-1083-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/4548-1084-0x0000000006A80000-0x0000000006AB6000-memory.dmp

Filesize
216KB

Download
memory/4548-1085-0x0000000006AF0000-0x0000000006B3C000-memory.dmp

Filesize
304KB

Download
memory/4548-1092-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download