Overview

overview

10

Static

static

10

Raft Early...22.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    1800s
  • max time network
    1174s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    19-10-2024 10:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Raft Early Access Plus 20 Trainer Updated 2021.06.22.exe

  • Size

    1.5MB

  • MD5

    2ba5ab4d66828196aad3d559b135f230

  • SHA1

    071a78faaeb31fd7b49a2b71a9881881bbcc9b15

  • SHA256

    c17549ff06669b3e5a4c39b1ca58a1519f015a5b68fdfa56ef8b799c31a31d05

  • SHA512

    37299881fa0923e33a462f8e1ee71c821f91ce72f219ceb8119ff6669a664b26464d81263fc310cbc73597977c6f7665095ee3233760d5a2ccdd1d6444a2bed0

  • SSDEEP

    24576:YNnPnbI/Rm3yud11Ds4hx3qVfGZ8tQRp6C/0bJ7Bx4MDSdzzzzzzzzzzzzzzzzz3:j/RnuTlHx4GOw6C8V774

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Raft Early Access Plus 20 Trainer Updated 2021.06.22.exe
    "C:\Users\Admin\AppData\Local\Temp\Raft Early Access Plus 20 Trainer Updated 2021.06.22.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1956-0-0x00007FFE74F73000-0x00007FFE74F75000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1956-1-0x0000025B84440000-0x0000025B84472000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1956-2-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-5-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-6-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-8-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-15-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-16-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-17-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-18-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1956-19-0x00007FFE74F70000-0x00007FFE75A32000-memory.dmp

    Filesize

    10.8MB

    Download