Overview

overview

3

Static

static

3

GTA6.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    102s
  • max time network
    106s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    24/08/2024, 20:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    GTA6.exe

  • Size

    263.8MB

  • MD5

    e8ba1303f0e38982d7fa0f7e332b6fb9

  • SHA1

    0cd4c774cb3f4a5de1bcb799268fd3c9440baa48

  • SHA256

    c492808c0892519080906577d61c9180ebd0b77df5b701b60209be3f9027e917

  • SHA512

    8c4f79f1c3cbb83c94cf1354ce362beb1cbc08cfb51751345f61a87b5629a7bbe5db6a77f453e1848d04c5f0bff66070eca2680a7ffd1367bfcc3341c6015f85

  • SSDEEP

    1572864:rNMUq9nVhFfESQKbHyXkUCl++Ig2TmuAix/0omm691DvL9RMStF:ZMUqlFfESXOTmziUTPDvc6

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\GTA6.exe
    "C:\Users\Admin\AppData\Local\Temp\GTA6.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:552
    • C:\Windows\SYSTEM32\CMD.exe
      CMD.exe /C "cd "C:/Users/Admin/AppData/Local/Temp/Virus/main.dist" && main.exe verify"
      2⤵
        PID:4868
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x00000000000004B8 0x00000000000004D4
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2928

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/552-27-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-28-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-29-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-30-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-31-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-32-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-33-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-34-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-35-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download

          • memory/552-36-0x00007FF78FB20000-0x00007FF793F49000-memory.dmp

            Filesize

            68.2MB

            Download