Overview

overview

10

Static

static

10

Welcome to...er.exe

windows7-x64

1

Welcome to...er.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    10s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09-08-2024 22:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Welcome to ParadiZe v20240305 Plus 18 Trainer.exe

  • Size

    1.8MB

  • MD5

    95398b05aef4d0a1129076bc7a065ca6

  • SHA1

    0a64d718b1b1c503acb87a40d4702d4a5694cd65

  • SHA256

    9f8aa22aefec636321afd5975a716cce7e0c473ccd392e6e8540f3e62eeabef9

  • SHA512

    230104baa2088c39b172b8a99a16a445a15c5fad1560ad5b54c88738c2847655b978a8a57bd2c71d7e48fa165cc4eb70a32c158443cc7ba54f654107b883dad7

  • SSDEEP

    49152:XnQPnAzQWU5C7CXbR+cxMXT5X1C1vJFF1:XceQh5I0xMD5lC1vx1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 40 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Welcome to ParadiZe v20240305 Plus 18 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\Welcome to ParadiZe v20240305 Plus 18 Trainer.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2276-0-0x000007FEF5BD3000-0x000007FEF5BD4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2276-1-0x0000000000340000-0x0000000000374000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2276-2-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2276-3-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2276-4-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2276-5-0x0000000001CC0000-0x0000000001CCA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2276-6-0x0000000001CC0000-0x0000000001CCA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2276-7-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2276-11-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2276-32-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download