Overview
overview
10Static
static
10Mortal She...er.exe
windows7-x64
1Mortal She...er.exe
windows10-2004-x64
1Mortal She...er.exe
windows7-x64
1Mortal She...er.exe
windows10-2004-x64
1Mortal She...er.exe
windows7-x64
1Mortal She...er.exe
windows10-2004-x64
1Mortal She...er.exe
windows7-x64
1Mortal She...er.exe
windows10-2004-x64
1Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
27-12-2024 05:47
Behavioral task
behavioral1
Sample
Mortal Shell v1.0-Build.08.13.21 Plus 15 Trainer.exe
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral2
Sample
Mortal Shell v1.0-Build.08.13.21 Plus 15 Trainer.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Mortal Shell v1.0-Build.10.23.20 Plus 15 Trainer.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral4
Sample
Mortal Shell v1.0-Build.10.23.20 Plus 15 Trainer.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Mortal Shell v1.0-Build.21.01.21 Plus 15 Trainer.exe
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral6
Sample
Mortal Shell v1.0-Build.21.01.21 Plus 15 Trainer.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Mortal Shell v1.0 Plus 13 Trainer.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral8
Sample
Mortal Shell v1.0 Plus 13 Trainer.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
General
-
Target
Mortal Shell v1.0 Plus 13 Trainer.exe
-
Size
1.3MB
-
MD5
d5961a6704e7f1379b550142272c5168
-
SHA1
97c4e8127430b3fffe0bb9984d31f15df2b26068
-
SHA256
74b07a237420c44c649e02cfe137d4766d3f4a6b45bcd29dfe450a69a5437a2f
-
SHA512
b7f42f47d39f8703054a9c57898d96b3af72411cbd464a7fec216fa1198472a0ef1d420bafceb0b5fd6aab7e45d1d8d8e7b94afeb0be17c5a98620bcb2dc284c
-
SSDEEP
24576:HN7/ubgts9KaKnW6zf9IccIRr1AGlYbJ7xDSu8:MgtcNqjzKchZlYV7u
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe 4336 Mortal Shell v1.0 Plus 13 Trainer.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 4336 Mortal Shell v1.0 Plus 13 Trainer.exe