Overview

overview

7

Static

static

3

SashPub.rar

windows10-2004-x64

7

SashPub/SDL2.dll

windows10-2004-x64

1

SashPub/Sash.exe

windows10-2004-x64

1

SashPub/co...ry.bat

windows10-2004-x64

1

SashPub/da...yze.py

windows10-2004-x64

3

SashPub/da...fix.py

windows10-2004-x64

3

SashPub/da...ged.py

windows10-2004-x64

3

SashPub/da...ang.py

windows10-2004-x64

3

SashPub/da...ral.js

windows10-2004-x64

3

SashPub/da...ger.js

windows10-2004-x64

3

SashPub/da...ils.js

windows10-2004-x64

3

SashPub/freetype.dll

windows10-2004-x64

1

SashPub/libcurl.dll

windows10-2004-x64

1

SashPub/libeay32.dll

windows10-2004-x64

1

SashPub/li...-1.dll

windows10-2004-x64

1

SashPub/li...-1.dll

windows10-2004-x64

3

SashPub/libidn-11.dll

windows10-2004-x64

3

SashPub/libogg-0.dll

windows10-2004-x64

1

SashPub/libopus-0.dll

windows10-2004-x64

1

SashPub/li...-0.dll

windows10-2004-x64

1

SashPub/li...-1.dll

windows10-2004-x64

1

SashPub/lua/bitser.js

windows10-2004-x64

3

SashPub/lu...six.js

windows10-2004-x64

3

SashPub/lu...est.js

windows10-2004-x64

3

SashPub/lua/fs_win.js

windows10-2004-x64

3

SashPub/lua/glue.js

windows10-2004-x64

3

SashPub/lua/path.ps1

windows10-2004-x64

3

SashPub/lua51.dll

windows10-2004-x64

1

SashPub/minizip.dll

windows10-2004-x64

1

SashPub/ssleay32.dll

windows10-2004-x64

1

SashPub/z.dll

windows10-2004-x64

1

SashPub/zlib1.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    291s
  • max time network
    274s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2024, 15:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SashPub/Sash.exe

  • Size

    7.0MB

  • MD5

    d08f7a1cd6fd216836dadae4c4dc3d9e

  • SHA1

    af68023a678637547df7bb2d90922da8e048a13e

  • SHA256

    1780d37f52a6e9cb169c233e45eb0786692705130c3176e6977fdf855e6003eb

  • SHA512

    f34cc8cb3aa1dc9414b103d76df5a032be1356091e94eed31a6cd66eceac8516b20219d8463be1e4beb3d4e0265be126681cdf8de925371779210f10e91c661c

  • SSDEEP

    98304:7S7tnnkFkpTTn0nyJsJ84ukrUTtr6M3/rVu5y:7MnkFkVobiF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SashPub\Sash.exe
    "C:\Users\Admin\AppData\Local\Temp\SashPub\Sash.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:4216
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x2f4 0x448
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4216-14-0x0000000090E60000-0x0000000090E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-23-0x0000000061440000-0x000000006145C000-memory.dmp

    Filesize

    112KB

    Download

  • memory/4216-22-0x000000006C740000-0x000000006C877000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/4216-21-0x0000000062500000-0x0000000062557000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4216-19-0x0000000066D80000-0x0000000066DFA000-memory.dmp

    Filesize

    488KB

    Download

  • memory/4216-20-0x0000000070680000-0x0000000070690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-18-0x000000006B240000-0x000000006B2BF000-memory.dmp

    Filesize

    508KB

    Download

  • memory/4216-17-0x0000000066F40000-0x0000000066F55000-memory.dmp

    Filesize

    84KB

    Download

  • memory/4216-16-0x0000000064940000-0x000000006495D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4216-15-0x0000000000400000-0x0000000000A14000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/4216-25-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-27-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-33-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-32-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-37-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-36-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-35-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-34-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-31-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-30-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-29-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-28-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-26-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-40-0x0000000090E60000-0x0000000090E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-42-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-41-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-43-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-44-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-45-0x0000000090E60000-0x0000000090E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-47-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-46-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-48-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-49-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-50-0x000000007A7A0000-0x000000007A7B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4216-55-0x0000000066D80000-0x0000000066DFA000-memory.dmp

    Filesize

    488KB

    Download

  • memory/4216-58-0x000000006C740000-0x000000006C877000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/4216-51-0x0000000000400000-0x0000000000A14000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/4216-60-0x0000000000400000-0x0000000000A14000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/4216-69-0x0000000000400000-0x0000000000A14000-memory.dmp

    Filesize

    6.1MB

    Download