b821bf76fcb5d69073fcdad1276ec37a7f0e19a3959c9861ab42263ab87903dc

Analysis

max time kernel
150s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24-08-2024 12:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
Size

791KB
MD5

11f3901587eebc9d1eed4568b5a3b941
SHA1

b5729c49bb8ff4e12e3e5c07f39428c27931bd28
SHA256

b7247c72213c004ff2dd3902dae1f70ea7f7e5861426ae1c59206a1b25516479
SHA512

b49d5ac2de32aa5a83b1d6c97bacd9547e02efad8eadf3aac105b0adbf94c2cf8b0257f96f27a41bf75c9b43e4540e42a3820b53a3c644a387c732a6e47d5a60
SSDEEP

12288:Ki5jLjqux1ANWEEsoO8CHieL1Gb8DZO44qDp03Vng/6Bl5JX5VV9:D1n1ATNH7xGbl4F0ZFlfX5D9

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1004	TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe

C:\Users\Admin\AppData\Local\Temp\TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe
"C:\Users\Admin\AppData\Local\Temp\TheHunter Call of the Wild V1692784 Trainer +8 MrAntiFun.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:1004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1004-0-0x00007FF8DC113000-0x00007FF8DC115000-memory.dmp

Filesize
8KB

Download
memory/1004-1-0x00007FF6E4A70000-0x00007FF6E5A70000-memory.dmp

Filesize
16.0MB

Download
memory/1004-2-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download
memory/1004-5-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download
memory/1004-6-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download
memory/1004-7-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download
memory/1004-8-0x00007FF8DC113000-0x00007FF8DC115000-memory.dmp

Filesize
8KB

Download
memory/1004-9-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download
memory/1004-10-0x00007FF8DC110000-0x00007FF8DCBD1000-memory.dmp

Filesize
10.8MB

Download