441c40dab907570edb0bbd3e3877d337a7656799d8c185831deaad1cd7d5ee26

Submit
Reports

Overview

overview

Static

static

COVAULT-19...r).rar

windows10-2004-x64

COVAULT-19...s.json

windows10-2004-x64

COVAULT-19...19.exe

windows10-2004-x64

COVAULT-19...19.exe

windows10-2004-x64

COVAULT-19...19.pdb

windows10-2004-x64

COVAULT-19...v.json

windows10-2004-x64

COVAULT-19...g.json

windows10-2004-x64

COVAULT-19...ry.dll

windows10-2004-x64

COVAULT-19...on.dll

windows10-2004-x64

COVAULT-19...og.dll

windows10-2004-x64

COVAULT-19...ol.dll

windows10-2004-x64

COVAULT-19...ws.dll

windows10-2004-x64

COVAULT-19...er.dll

windows10-2004-x64

COVAULT-19...er.dll

windows10-2004-x64

COVAULT-19...ws.dll

windows10-2004-x64

COVAULT-19...og.dll

windows10-2004-x64

COVAULT-19...ol.dll

windows10-2004-x64

COVAULT-19...ws.dll

windows10-2004-x64

COVAULT-19...ry.dll

windows10-2004-x64

COVAULT-19...er.dll

windows10-2004-x64

COVAULT-19...rp.dll

windows10-2004-x64

Analysis

max time kernel
1798s
max time network
1588s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18-04-2023 15:25

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

COVAULT-19 (server).rar

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

1800 seconds

Behavioral task

behavioral2

Sample

COVAULT-19 (server)/COVAULT-19.deps.json

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

1800 seconds

Behavioral task

behavioral3

Sample

COVAULT-19 (server)/COVAULT-19.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

COVAULT-19 (server)/COVAULT-19.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

1800 seconds

Behavioral task

behavioral5

Sample

COVAULT-19 (server)/COVAULT-19.pdb

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral6

Sample

COVAULT-19 (server)/COVAULT-19.runtimeconfig.dev.json

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral7

Sample

COVAULT-19 (server)/COVAULT-19.runtimeconfig.json

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral8

Sample

COVAULT-19 (server)/Microsoft.Win32.Registry.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

COVAULT-19 (server)/Newtonsoft.Json.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

COVAULT-19 (server)/System.Diagnostics.EventLog.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

COVAULT-19 (server)/System.Security.AccessControl.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

COVAULT-19 (server)/System.Security.Principal.Windows.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

COVAULT-19 (server)/System.ServiceProcess.ServiceController.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

COVAULT-19 (server)/WindowsFirewallHelper.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

COVAULT-19 (server)/runtimes/unix/lib/netcoreapp2.1/System.Security.Principal.Windows.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Diagnostics.EventLog.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Security.AccessControl.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.1/System.Security.Principal.Windows.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/Microsoft.Win32.Registry.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/System.ServiceProcess.ServiceController.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

COVAULT-19 (server)/websocket-sharp.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

COVAULT-19 (server)/System.Diagnostics.EventLog.dll
Size

49KB
MD5

14b8ab0f426d52342f2098023b287623
SHA1

d79df6f5f70373e70202782aad9edd76db95939e
SHA256

c476fbc42f2a4161833020ea65e8a895561f6b64c6f531d52dda4324d27b4d8b
SHA512

8237d400336afd2e4faddf139e74935e5a9b530684fdea37843d2aaa73bd8e1505a3acabb7368551c6ec53bd7877ca75f3c6541c1f81d8964772d1d5cf9d7b88
SSDEEP

768:etd17d/cc2PK5SUizOAFipsH+MKmL+7NQ1OaY7pykJ:KF/cc26whifMmNP7pykJ

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\COVAULT-19 (server)\System.Diagnostics.EventLog.dll",#1
1⤵
PID:1696

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads