efa19e5908e4063d1b104b810136d3138f4b34d1350c00123ae1543fbc93c012

Analysis

max time kernel
1800s
max time network
1147s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-10-2024 00:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Subnautica v1.0-v20210512 Plus 15 Trainer.exe
Size

1.6MB
MD5

802562bbcb719682e5239724bbcb66af
SHA1

26dddeaa207b363225a0bb923177096b753c681e
SHA256

20c61005893f31e43e1efb523cc80a6267cbaa1d0f878d8b54fca7e2878aa81f
SHA512

315969abd2052edb5dd53ed5e1e0080320dc948d8c52e13114ff3971d89a59ce4263cdb1be1d7eab85d1368a10ef437541a575727bb373bd4af83e2eeb33a696
SSDEEP

24576:KHfTuC9i/EAVw5MarrOE8Q78D03McY04WzDSOcxMbJ7:Kqh/9u6aGQgD0ccYKtcxMV7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

Subnautica v1.0-v20210512 Plus 15 Trainer.exe

pid	process
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe
1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

Subnautica v1.0-v20210512 Plus 15 Trainer.exe

description pid process

Token: SeDebugPrivilege 1932 Subnautica v1.0-v20210512 Plus 15 Trainer.exe

description	pid	process
Token: SeDebugPrivilege	1932	Subnautica v1.0-v20210512 Plus 15 Trainer.exe

C:\Users\Admin\AppData\Local\Temp\Subnautica v1.0-v20210512 Plus 15 Trainer.exe
"C:\Users\Admin\AppData\Local\Temp\Subnautica v1.0-v20210512 Plus 15 Trainer.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1932-0-0x00007FFFD25E3000-0x00007FFFD25E5000-memory.dmp

Filesize
8KB

Download
memory/1932-1-0x000002117ABF0000-0x000002117AC2E000-memory.dmp

Filesize
248KB

Download
memory/1932-2-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-5-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-6-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-8-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-20-0x00007FFFD25E3000-0x00007FFFD25E5000-memory.dmp

Filesize
8KB

Download
memory/1932-21-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-22-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-23-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-24-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download
memory/1932-25-0x00007FFFD25E0000-0x00007FFFD30A1000-memory.dmp

Filesize
10.8MB

Download