cea9e976bce7bc95f0be9b0c9a06b34966e424027482b98606ad3460dd191bf5

Analysis

max time kernel
150s
max time network
126s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
03-10-2024 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
Size

1.5MB
MD5

2e285f01bb135e5bcac8c19fec656b49
SHA1

a791d015e349566fd785c65ecaf945af9244152f
SHA256

f1f31ddd37995ca7e38bcb10853222b57ff274ea24ab6d619842e9ccd5b2bf3d
SHA512

6a2dbb371a31899816a0ba10595f3ace5af09980dd31d41bb0649597874763ab2b49a3c983aa8a973aa66d6e8462094d327c81f6561042dc00dc1a30a2222203
SSDEEP

24576:lAd3vG+XeNKiHkGNoyp2lN98WceDSVXT5X4pMLkoya:t+XfiEeo1lN1czXT5X4pvo1

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2344	Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\Saints Row v1.1.4-v1.2.4 Plus 18 Trainer.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2344-0-0x000007FEF4F63000-0x000007FEF4F64000-memory.dmp

Filesize
4KB

Download
memory/2344-3-0x0000000001DC0000-0x0000000001DF2000-memory.dmp

Filesize
200KB

Download
memory/2344-6-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download
memory/2344-7-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download
memory/2344-8-0x0000000001D90000-0x0000000001D9A000-memory.dmp

Filesize
40KB

Download
memory/2344-9-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download
memory/2344-28-0x000007FEF4F63000-0x000007FEF4F64000-memory.dmp

Filesize
4KB

Download
memory/2344-29-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download
memory/2344-30-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download
memory/2344-31-0x0000000001D90000-0x0000000001D9A000-memory.dmp

Filesize
40KB

Download
memory/2344-32-0x0000000001D90000-0x0000000001D9A000-memory.dmp

Filesize
40KB

Download
memory/2344-33-0x000007FEF4F60000-0x000007FEF594C000-memory.dmp

Filesize
9.9MB

Download