Overview

overview

10

Static

static

10

Resident E...er.exe

windows10-2004-x64

1

Resubmissions

18-01-2025 19:11

250118-xvyvps1na1 10

Analysis

  • max time kernel
    28s
  • max time network
    23s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2025 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Resident Evil 7 Biohazard v1.0-v20220613 Plus 14 Trainer.exe

  • Size

    1.2MB

  • MD5

    17d3f8bea5b7213dd24273b4c9df7073

  • SHA1

    4a8aa865dcc911313dbd503922ebf92728187bd7

  • SHA256

    18c9196e00b0740a26d4925f18ed2944e2700f4cf91cca2c1bad3a769c85753c

  • SHA512

    bbee979c3e7da7c9575a29b9fb9146bb97f76b5690028ad98fb13f8c6540b886fd5c39e7a69092d260516ba3f8a532ccf76936610e836f962749ac2aadf1469f

  • SSDEEP

    24576:wYUrQABbyYRTRyJYzOuA47p03qgGKpigjU8K5KVIDSSPcm4bJ7:KMABbRtyUlpF8KVKV7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Resident Evil 7 Biohazard v1.0-v20220613 Plus 14 Trainer.exe
    "C:\Users\Admin\AppData\Local\Temp\Resident Evil 7 Biohazard v1.0-v20220613 Plus 14 Trainer.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4708-1-0x000002325D480000-0x000002325D4C8000-memory.dmp

    Filesize

    288KB

    Download

  • memory/4708-0-0x00007FFAA2AA3000-0x00007FFAA2AA5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4708-2-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-5-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-6-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-8-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-18-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-19-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-20-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-21-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4708-22-0x00007FFAA2AA0000-0x00007FFAA3561000-memory.dmp

    Filesize

    10.8MB

    Download