Overview

overview

10

Static

static

10

Monster Hu...er.exe

windows7-x64

1

Monster Hu...er.exe

windows10-2004-x64

1

v2/Monster...v2.exe

windows7-x64

1

v2/Monster...v2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-09-2024 12:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Monster Hunter World v20200109-v20200205 Plus 66 Trainer.exe

  • Size

    1.8MB

  • MD5

    d8c374e06eb50b0db53e0c7ce48bbee1

  • SHA1

    9153f2d7e1568a727efbf44e2eea4357dcff6913

  • SHA256

    3b338fd7103945457f54d57fb680d9f90f6d4b35a2890a1e067394a594bc209c

  • SHA512

    120200695e634ca0b83fd5d29eb1257a47f1e593973b17cdd1fc0d9ff7686965bf889a0032daabdb8fd33134e575f67c3f4c3a67d1a4477e85ff184ca7e51681

  • SSDEEP

    24576:1+l/qtAXxSE8zuWKXWZy5x4eyD2xZgjqOOGaPECkDtGQjnEd6vVfaceDSfWB:y3SRwXgXw4OZ/kwonPvtac

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Monster Hunter World v20200109-v20200205 Plus 66 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\Monster Hunter World v20200109-v20200205 Plus 66 Trainer.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1624 -s 784
      2⤵
        PID:2816

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1624-0-0x000007FEF57E3000-0x000007FEF57E4000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1624-1-0x0000000000250000-0x0000000000282000-memory.dmp

      Filesize

      200KB

      Download

    • memory/1624-2-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1624-3-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1624-4-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1624-5-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1624-9-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1624-10-0x000007FEF57E3000-0x000007FEF57E4000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1624-11-0x000007FEF57E0000-0x000007FEF61CC000-memory.dmp

      Filesize

      9.9MB

      Download