c48b1d0562f49f921b34fa58c952a4dd991d111003c3543f8852fdddb0b0da4f

Resubmissions

18-12-2024 18:26

18-12-2024 17:16

max time kernel
93s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
18-12-2024 18:26

Target

Moon/MoonBETARUNBOOT.exe
Size

135KB
MD5

2f4a9e448314620c6395ffeb7b2badf2
SHA1

45649c5a62007d47c90ddaa072ba746f04e5fb9b
SHA256

23fa7314c51fccaac9a9e79a67951194379ba785f1ef6b3932daa0ad62455eab
SHA512

fe882ecb71ab4b2d5ae00ba3cb8ee4e1b1d3f5cfc08ac3bbeb0360b55718f5433a96d1588be792efd0688e8855a3a593d0c79234e4e0eca95ba0bad9bc8530c0
SSDEEP

3072:rjK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfObhBuU:rjK4TDUqgpqWDLZ5H+xuZ04shA

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5076	MoonBETARUNBOOT.exe
5076	MoonBETARUNBOOT.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	5076	MoonBETARUNBOOT.exe