4454d5fc11bafd948976ffe7232f0bd34e84e8ab4d8991abea1073c22478b33c

Submit
Reports

Overview

overview

Static

static

NART x AYS...ep.exe

windows7-x64

NART x AYS...ep.exe

windows10-2004-x64

NART x AYS...at.exe

windows7-x64

NART x AYS...at.exe

windows10-2004-x64

NART x AYS...64.exe

windows7-x64

NART x AYS...64.exe

windows10-2004-x64

$PLUGINSDIR/INetC.dll

windows7-x64

$PLUGINSDIR/INetC.dll

windows10-2004-x64

$PLUGINSDI...LL.dll

windows7-x64

$PLUGINSDI...LL.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

CPUEater.exe

windows7-x64

CPUEater.exe

windows10-2004-x64

Insights.exe

windows7-x64

Insights.exe

windows10-2004-x64

InstallHelper.exe

windows7-x64

InstallHelper.exe

windows10-2004-x64

LogViewer.exe

windows7-x64

LogViewer.exe

windows10-2004-x64

ProcessGovernor.exe

windows7-x64

ProcessGovernor.exe

windows10-2004-x64

ProcessLasso.exe

windows7-x64

ProcessLasso.exe

windows10-2004-x64

ProcessLas...er.exe

windows7-x64

ProcessLas...er.exe

windows10-2004-x64

QuickUpgrade.exe

windows7-x64

QuickUpgrade.exe

windows10-2004-x64

ThreadRacer.exe

windows7-x64

ThreadRacer.exe

windows10-2004-x64

TweakScheduler.exe

windows7-x64

TweakScheduler.exe

windows10-2004-x64

Analysis

max time kernel
111s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06-09-2024 21:30

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf link

3 signatures

Behavioral task

behavioral1

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe

Resource

win7-20240903-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe

Resource

win7-20240903-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/INetC.dll

Resource

win7-20240708-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/INetC.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240708-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

CPUEater.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

CPUEater.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

Insights.exe

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

Insights.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

InstallHelper.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

InstallHelper.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

LogViewer.exe

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

LogViewer.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

ProcessGovernor.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

ProcessGovernor.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral23

Sample

ProcessLasso.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

ProcessLasso.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

ProcessLassoLauncher.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral26

Sample

ProcessLassoLauncher.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral27

Sample

QuickUpgrade.exe

Resource

win7-20240903-en

discovery

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral28

Sample

QuickUpgrade.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral29

Sample

ThreadRacer.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

ThreadRacer.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

TweakScheduler.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

TweakScheduler.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe
Size

137KB
MD5

c81197ee2433d30c1731b2ddee8ae67b
SHA1

2a4fe29f28443936fbea66855c489098632f886c
SHA256

055425a39ce8e766055ee2de3f4cee1714bca31f274bf0c9f658009f551e9e73
SHA512

de1ab2c2cc47c058fd326ffe5f4cc9fe4b42b1407ad20c70138a34db92b17bd127021f3a50b2ef8fe15d3ac81d47ed0a2e2e91957850720215e05d1c8030b842
SSDEEP

1536:9qStkJ2I0E0Rm1qplwjQ5V/Eg78OJExsmXNe3az5U9zSaXUNpUvblnPnEyAU:nQ2I3PKwcDEg782E6+N75U9zSaX6IEc

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeIncBasePriorityPrivilege	3616	MeasureSleep.exe

Processes

C:\Users\Admin\AppData\Local\Temp\NART x AYSAFROMNAZARETH PACK\Bitsum Process Lasso Pro\MeasureSleep.exe
"C:\Users\Admin\AppData\Local\Temp\NART x AYSAFROMNAZARETH PACK\Bitsum Process Lasso Pro\MeasureSleep.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3616

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads