5f1992dd2b43541a02a77bccdb73ab2e47a17b9cd2a13e6a6cd40de2d12e7f20

Analysis

max time kernel
150s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2024 07:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Mail Access Checker by xRisky v2 [Free version]/Data/Modules/Checker1.exe
Size

67.7MB
MD5

ca4b373ccf1990360ecc5c0b6f0b3b14
SHA1

8c385c650e51100aa5026f14f1b81d171b9fae4c
SHA256

7d05137859424894e35840aaf22666de2f5a48cc59ee9c22b6044bf388ab52bf
SHA512

b2987a1b8ddea877ee7da5b47146b8f60387b41dccaaaaa653f12f53d53abfc8fe7fe0d2a51e09e25ee8501b1634a4d0a888c45eb13172fd7c89a8b6fcf282c0
SSDEEP

1572864:lRWKf5aPpViUdnDIbhoIDt05cLHljPqHq2MbIep/AexKhHRnfYsdW4dU:lRWKfipViUdDIFb9qKZDVx8dU4d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4248	Checker1.exe
4248	Checker1.exe
4248	Checker1.exe
4248	Checker1.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4248	Checker1.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4248	Checker1.exe
4248	Checker1.exe

C:\Users\Admin\AppData\Local\Temp\Mail Access Checker by xRisky v2 [Free version]\Data\Modules\Checker1.exe
"C:\Users\Admin\AppData\Local\Temp\Mail Access Checker by xRisky v2 [Free version]\Data\Modules\Checker1.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4248-1-0x00007FFFF8523000-0x00007FFFF8525000-memory.dmp

Filesize
8KB

Download
memory/4248-0-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-2-0x000000001AF60000-0x000000001B100000-memory.dmp

Filesize
1.6MB

Download
memory/4248-4-0x000000001AF60000-0x000000001B100000-memory.dmp

Filesize
1.6MB

Download
memory/4248-13-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-3-0x000000001AF60000-0x000000001B100000-memory.dmp

Filesize
1.6MB

Download
memory/4248-25-0x0000000180000000-0x0000000180005000-memory.dmp

Filesize
20KB

Download
memory/4248-22-0x0000000180000000-0x0000000180005000-memory.dmp

Filesize
20KB

Download
memory/4248-29-0x000000001D3E0000-0x000000001D50A000-memory.dmp

Filesize
1.2MB

Download
memory/4248-45-0x000000001D5A0000-0x000000001D6CA000-memory.dmp

Filesize
1.2MB

Download
memory/4248-46-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-37-0x000000001D3E0000-0x000000001D50A000-memory.dmp

Filesize
1.2MB

Download
memory/4248-32-0x000000001D3E0000-0x000000001D50A000-memory.dmp

Filesize
1.2MB

Download
memory/4248-47-0x000000001AF40000-0x000000001AF4A000-memory.dmp

Filesize
40KB

Download
memory/4248-64-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-63-0x000000001B2A0000-0x000000001B2AA000-memory.dmp

Filesize
40KB

Download
memory/4248-65-0x00007FFFF6D10000-0x00007FFFF6E5E000-memory.dmp

Filesize
1.3MB

Download
memory/4248-68-0x000000001B2A0000-0x000000001B2AA000-memory.dmp

Filesize
40KB

Download
memory/4248-67-0x000000001B2A0000-0x000000001B2AA000-memory.dmp

Filesize
40KB

Download
memory/4248-69-0x000000001B2A0000-0x000000001B2AA000-memory.dmp

Filesize
40KB

Download
memory/4248-55-0x000000001AF40000-0x000000001AF4A000-memory.dmp

Filesize
40KB

Download
memory/4248-52-0x000000001AF40000-0x000000001AF4A000-memory.dmp

Filesize
40KB

Download
memory/4248-49-0x000000001AF40000-0x000000001AF4A000-memory.dmp

Filesize
40KB

Download
memory/4248-70-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-19-0x0000000180000000-0x0000000180005000-memory.dmp

Filesize
20KB

Download
memory/4248-16-0x0000000180000000-0x0000000180005000-memory.dmp

Filesize
20KB

Download
memory/4248-75-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-79-0x000000001D500000-0x000000001D522000-memory.dmp

Filesize
136KB

Download
memory/4248-14-0x0000000180000000-0x0000000180005000-memory.dmp

Filesize
20KB

Download
memory/4248-90-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-91-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-92-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-93-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-94-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-95-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-96-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-97-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-98-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-99-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-100-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-101-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-102-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-103-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-104-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-105-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-106-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-107-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-108-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-109-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-110-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-111-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-112-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-113-0x000000001EEE0000-0x000000002026C000-memory.dmp

Filesize
19.5MB

Download
memory/4248-114-0x0000000020270000-0x00000000207BE000-memory.dmp

Filesize
5.3MB

Download
memory/4248-116-0x000000001E930000-0x000000001EA28000-memory.dmp

Filesize
992KB

Download
memory/4248-115-0x000000001E830000-0x000000001E928000-memory.dmp

Filesize
992KB

Download
memory/4248-117-0x0000000021950000-0x0000000021B0E000-memory.dmp

Filesize
1.7MB

Download
memory/4248-118-0x0000000021B10000-0x00000000221BC000-memory.dmp

Filesize
6.7MB

Download
memory/4248-119-0x00000000221C0000-0x000000002299A000-memory.dmp

Filesize
7.9MB

Download
memory/4248-120-0x0000000023600000-0x00000000239AC000-memory.dmp

Filesize
3.7MB

Download
memory/4248-121-0x00000000239B0000-0x0000000023E18000-memory.dmp

Filesize
4.4MB

Download
memory/4248-123-0x0000000023E90000-0x0000000023EB0000-memory.dmp

Filesize
128KB

Download
memory/4248-122-0x0000000023E20000-0x0000000023E92000-memory.dmp

Filesize
456KB

Download
memory/4248-124-0x0000000023EB0000-0x00000000240C4000-memory.dmp

Filesize
2.1MB

Download
memory/4248-125-0x0000000025430000-0x0000000025498000-memory.dmp

Filesize
416KB

Download
memory/4248-127-0x00000000254D0000-0x00000000254F2000-memory.dmp

Filesize
136KB

Download
memory/4248-128-0x00007FFFF8523000-0x00007FFFF8525000-memory.dmp

Filesize
8KB

Download
memory/4248-129-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-130-0x0000000025F00000-0x0000000025FAA000-memory.dmp

Filesize
680KB

Download
memory/4248-131-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-132-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-133-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-134-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-136-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-137-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-135-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-138-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-139-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-140-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-141-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-142-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-144-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-143-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-145-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-146-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-148-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-147-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-149-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download
memory/4248-150-0x00007FFFF8520000-0x00007FFFF8FE1000-memory.dmp

Filesize
10.8MB

Download