Analysis
- max time kernel: 372s
- max time network: 401s
- platform: windows10_x64
- resource: win10v20210410
- submitted: 18-08-2021 18:23
Static task: static1
Behavioral task: behavioral1, Sample: updater.exe, Resource: win10v20210410
Behavioral task: behavioral2, Sample: runtimes/win-x86/lib/netcoreapp3.0/CefSharp.dll, Resource: win10v20210408
Behavioral task: behavioral3, Sample: runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.dll, Resource: win10v20210410
Behavioral task: behavioral4, Sample: runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll, Resource: win10v20210408
Behavioral task: behavioral5, Sample: runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libGLESv2.dll, Resource: win10v20210410
Behavioral task: behavioral6, Sample: runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libEGL.dll, Resource: win10v20210408
Behavioral task: behavioral7, Sample: runtimes/win-x64/lib/netcoreapp3.0/libcef.dll, Resource: win10v20210410
Behavioral task: behavioral8, Sample: runtimes/win-x64/lib/netcoreapp3.0/libGLESv2.dll, Resource: win10v20210410
Behavioral task: behavioral9, Sample: runtimes/win-x64/lib/netcoreapp3.0/libEGL.dll, Resource: win10v20210408
Behavioral task: behavioral10, Sample: runtimes/win-x64/lib/netcoreapp3.0/d3dcompiler_47.dll, Resource: win10v20210410
Behavioral task: behavioral11, Sample: runtimes/win-x64/lib/netcoreapp3.0/chrome_elf.dll, Resource: win10v20210408
Behavioral task: behavioral12, Sample: runtimes/win-x64/lib/netcoreapp3.0/CefSharp.dll, Resource: win10v20210410
Behavioral task: behavioral13, Sample: runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.dll, Resource: win10v20210408
Behavioral task: behavioral14, Sample: runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll, Resource: win10v20210410
Behavioral task: behavioral15, Sample: runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.exe, Resource: win10v20210410
Behavioral task: behavioral16, Sample: runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.Core.dll, Resource: win10v20210408
Behavioral task: behavioral17, Sample: cscppcom.exe, Resource: win10v20210410
Behavioral task: behavioral18, Sample: UX Launcher.exe, Resource: win10v20210408
Behavioral task: behavioral19, Sample: UX Launcher.dll.exe, Resource: win10v20210410
Behavioral task: behavioral20, Sample: Newtonsoft.Json.dll, Resource: win10v20210408
Behavioral task: behavioral21, Sample: NUnrar.dll, Resource: win10v20210410
Behavioral task: behavioral22, Sample: EO.WebEngine.dll, Resource: win10v20210410
Behavioral task: behavioral23, Sample: EO.WebBrowser.dll, Resource: win10v20210408
Behavioral task: behavioral24, Sample: EO.Base.dll, Resource: win10v20210410
Behavioral task: behavioral25, Sample: CefSharp.Wpf.dll, Resource: win10v20210408
General
- Target: UX Launcher.dll.exe
- Size: 703KB
- MD5: 37bb41c2a36458278f9e7e57db857eb8
- SHA1: e11cd02bdbdc04a5f01dbe4225692e875ae140a4
- SHA256: 63abf02eb02e2e289909a4eb3f7f936a6c677694ea913d120a4502f85ef1f54e
- SHA512: 028e7ee50f8e091c7720246dc2a01c29617d20b31048d7fae464a2edc7179c47219ff22fa642ebdef8786d058395109ccec686a7f669525ebbdf726d9231aab9
Malware Config
Signatures
- Program crash (1 IoCs)
  Processes: WerFault.exe
  pid: 2204, pid_target: 4072, process: WerFault.exe, target process: UX Launcher.dll.exe
- Suspicious behavior: EnumeratesProcesses (14 IoCs)
  Processes: WerFault.exe
  pid: 2204, process: WerFault.exe (the same entry is listed 14 times)
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  Processes: WerFault.exe
  description: Token: SeDebugPrivilege, pid: 2204, process: WerFault.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\UX Launcher.dll.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\UX Launcher.dll.exe"
  PID: 4072
  - C:\Windows\system32\WerFault.exe
    Command line: C:\Windows\system32\WerFault.exe -u -p 4072 -s 676
    PID: 2204
    - Program crash
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken