Analysis

  • max time kernel
    210s
  • max time network
    200s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250502-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250502-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/07/2025, 05:24

General

  • Target

    http://rundlemallplaza.com.au

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://rundlemallplaza.com.au
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff95f3dcf8,0x7fff95f3dd04,0x7fff95f3dd10
      2⤵
      PID:6072
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1536,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2032 /prefetch:3
      2⤵
      PID:1436
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2020,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2016 /prefetch:2
      2⤵
      PID:876
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2372,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=2536 /prefetch:8
      2⤵
      PID:5684
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3124 /prefetch:1
      2⤵
      PID:4616
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3160 /prefetch:1
      2⤵
      PID:4600
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4128,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4148 /prefetch:2
      2⤵
      PID:6088
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4732,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4716 /prefetch:1
      2⤵
      PID:4584
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5600,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5536 /prefetch:8
      2⤵
      PID:3056
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=208,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3380 /prefetch:8
      2⤵
      PID:4132
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4740,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=3400 /prefetch:8
      2⤵
      PID:5048
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5532,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5632 /prefetch:8
      2⤵
      PID:3256
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4912,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=4124 /prefetch:8
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4508
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4560,i,830907740439942441,4717603271122321034,262144 --variations-seed-version=20250501-050124.630000 --mojo-platform-channel-handle=5116 /prefetch:8
      2⤵
      PID:5440
  • C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
    1⤵
    PID:4796
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
    1⤵
    PID:452

Network

MITRE ATT&CK Enterprise v16

Downloads