Resubmissions

  • 23/08/2024, 16:00 - 240823-tf47dsteqe 6
  • 23/08/2024, 15:32 - 240823-sy293sseld 4
  • 23/08/2024, 15:18 - 240823-sp1d5athqk 8
  • 23/08/2024, 14:12 - 240823-rjcv7sydnd 7
  • 23/08/2024, 02:33 - 240823-c17dta1cpd 7
  • 23/08/2024, 02:11 - 240823-cmbpzszelg 4
  • 23/08/2024, 02:00 - 240823-ce59mazbnh 4
  • 23/08/2024, 01:37 - 240823-b1992a1dmm 5
  • 23/08/2024, 01:24 - 240823-bsm5jazhpp 5
  • 23/08/2024, 00:51 - 240823-a7p21awhld 6

Analysis

  • max time kernel
    143s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23/08/2024, 02:11

General

  • Target

    mcbuilder.exe

  • Size

    124KB

  • MD5

    fa8d521aeb4c13fcd84b564b14257f34

  • SHA1

    3c57c173472b69e11c21de0dba7e2ce43595dddb

  • SHA256

    4280c675c4c1da4f0ffe4b313b3c5d47dd0c54bfb98d324695c479370e5c015d

  • SHA512

    8abd18c0dfe6f83427266a7da51f44b26c3d915db6bf067e6fff55966a504928592fe5bd92e62d876c096f10a213406dc53c5a70239afa20b7eb759abb1c50e6

  • SSDEEP

    3072:nsEdVfAl5BNPDEPNHRVVN8IGje/42/5RJZ:njAl5BNAPNHTVNe2hR

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 44 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mcbuilder.exe
    "C:\Users\Admin\AppData\Local\Temp\mcbuilder.exe"
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:1924

Network

MITRE ATT&CK Matrix
