a652ee8c16aec1d60c7b9c4dc2fb8accfda87992cf4e85a042e69d0fd18a44b9

Analysis

max time kernel
146s
max time network
139s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
02-09-2024 19:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Beat Banger - SteamGG.NET/beatbanger.exe
Size

189.2MB
MD5

75e34ca5c1c7be619c01169e656ef271
SHA1

f9d3ca021469467f6bd3ce551f10ce2c4d51e804
SHA256

d4653febeeb60d35db6755f578a9fb923657270648c9c5129ae81a1430a3e633
SHA512

0b3a16d90c9c29b25df4593e371bcf2e372f61fd088378c760389ade461e7e6cb43bfc302f772d820eec3807dc615bc331fe0714e19c436eb3308158c8e24189
SSDEEP

3145728:f4gNkdnqqdvAr+GgRdpf+eV656E4USZQ6IdhYAuoRx:fmdn9mqhRjf+eVIujI4AuoT

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

AUDIODG.EXE

description pid process

Token: 33 212 AUDIODG.EXE
Token: SeIncBasePriorityPrivilege 212 AUDIODG.EXE
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

beatbanger.exe

pid process

5088 beatbanger.exe
Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

beatbanger.exe

pid process

5088 beatbanger.exe
5088 beatbanger.exe
5088 beatbanger.exe

description	pid	process
Token: 33	212	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	212	AUDIODG.EXE

pid	process
5088	beatbanger.exe

pid	process
5088	beatbanger.exe
5088	beatbanger.exe
5088	beatbanger.exe

C:\Users\Admin\AppData\Local\Temp\Beat Banger - SteamGG.NET\beatbanger.exe
"C:\Users\Admin\AppData\Local\Temp\Beat Banger - SteamGG.NET\beatbanger.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:5088

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Godot\app_userdata\Beat Banger\settings.ini

Filesize
256B

MD5
0b9328ee5fe8aca8b671a526c0320a34

SHA1
d15ca3909180b246054676799933ef23085f4264

SHA256
699f4315b5048c6721e90fee12a6a178aa2c3bf3521eac5cd713b548d3fe4b14

SHA512
e5460909810ee87146d157dcd527a038c23380f4dc989d9c3236e0503842e7f855f09f0b95244c913b82bd67bfc1f956196cdb443a39627121927b885dbaa83e

Download Submit
memory/5088-92-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-93-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-94-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-95-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-96-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-97-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-98-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-99-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-100-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-101-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-102-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-103-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-104-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download
memory/5088-105-0x00007FF7A5BC0000-0x00007FF7AA8FD000-memory.dmp

Filesize
77.2MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads