Analysis

  • max time kernel
    91s
  • max time network
    208s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    24-01-2025 21:24

General

  • Target

    MoonCrypter/Jint/LICENCE.zip

  • Size

    73KB

  • MD5

    5ac57bee6febd79c760a08a6f4fbda37

  • SHA1

    fc9646f500d3d197932a890544081dfa05c00214

  • SHA256

    59a2f1e7e29689f58536f505b5479cbbef9d3e8e0a7ebfaa41dfb434f4667dea

  • SHA512

    9b424abc0b94598c7b35ba6398a0b4a21c6b4a32de31bab43af259af3cbdb407592d0eaff25c29d6a3def645e7e455b50375eb7ab3161bb64ea8ae5d9b48d65a

  • SSDEEP

    1536:rpD4FJMBNpOXCZTat+LAU3BbMrAy4LYI5zzrSaD45P:r2FWPOS0M8YP1LYli4F

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\MoonCrypter\Jint\LICENCE.zip"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4460

Network

MITRE ATT&CK Matrix
