Overview

overview

3

Static

static

3

Evosoft.Sa...ac.dll

windows7-x64

1

Evosoft.Sa...ac.dll

windows10-2004-x64

1

Evosoft.Sa...er.dll

windows7-x64

1

Evosoft.Sa...er.dll

windows10-2004-x64

1

Evosoft.Sa...al.dll

windows7-x64

1

Evosoft.Sa...al.dll

windows10-2004-x64

1

Evosoft.Sa...ay.dll

windows7-x64

1

Evosoft.Sa...ay.dll

windows10-2004-x64

1

Evosoft.Sa...ta.dll

windows7-x64

1

Evosoft.Sa...ta.dll

windows10-2004-x64

1

Evosoft.Sa...on.dll

windows7-x64

1

Evosoft.Sa...on.dll

windows10-2004-x64

1

Evosoft.Sa...he.dll

windows7-x64

1

Evosoft.Sa...he.dll

windows10-2004-x64

1

Evosoft.Sa...es.dll

windows7-x64

1

Evosoft.Sa...es.dll

windows10-2004-x64

1

Evosoft.Sa...ns.dll

windows7-x64

1

Evosoft.Sa...ns.dll

windows10-2004-x64

1

Evosoft.Sa...ry.dll

windows7-x64

1

Evosoft.Sa...ry.dll

windows10-2004-x64

1

Evosoft.Sa...ns.dll

windows7-x64

1

Evosoft.Sa...ns.dll

windows10-2004-x64

1

Evosoft.Sa...ns.dll

windows7-x64

1

Evosoft.Sa...ns.dll

windows10-2004-x64

1

Evosoft.Sa...es.dll

windows7-x64

1

Evosoft.Sa...es.dll

windows10-2004-x64

1

Evosoft.Sa...ry.dll

windows7-x64

1

Evosoft.Sa...ry.dll

windows10-2004-x64

1

Evosoft.Sa...on.dll

windows7-x64

1

Evosoft.Sa...on.dll

windows10-2004-x64

1

Evosoft.Sa...on.dll

windows7-x64

1

Evosoft.Sa...on.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2023, 14:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Evosoft.SailPlay/Microsoft.Extensions.DependencyInjection.Abstractions.dll

  • Size

    35KB

  • MD5

    1bc1277126655b767aa9e4cbc41bb5e6

  • SHA1

    5e46b938639a28651bd4de8eda438ccc5a212e1c

  • SHA256

    175dd59c6ef443c8350f5365db3ac262a2f72016d38e1abb304538dacbbe0918

  • SHA512

    93c73ecbbbef595af6168457f0805b0b53d40cc126ce33efaa2a65b86d92c27e1b0d3a468f3619bbec70c990601c6d94c8556083cb33e85011c709d4162d665e

  • SSDEEP

    384:23VVPJrgCcYGJiH4Dw/lbfQV460lER0+YUMiwEzITzW4PLWGaQHRN7Ot5ltV:CbPRgC4iHt9IVTBYMwEzIpJLOt7

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Evosoft.SailPlay\Microsoft.Extensions.DependencyInjection.Abstractions.dll,#1
    1⤵
      PID:3552
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3976
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2132

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        8e023303dd94348adeb413172883fc89

        SHA1

        fc42786b67ae43a172cd5bd4b9f843c34da41ddf

        SHA256

        40b16d78a0e99960d352a2accd61fd9305741267eb2a83f715370d5a38d23fb5

        SHA512

        c9acc6aad89ccf5eef789790ebb9867a6f19d64018e044dc8977be1d5dc1927f7b992327baa5b289c03fcd18ad486009fe7b251134855adef6059054d56266d0

        Download Submit

      • memory/2132-40-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-42-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-33-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-34-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-35-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-36-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-37-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-38-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-39-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-43-0x000001D354960000-0x000001D354961000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-32-0x000001D354D10000-0x000001D354D11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-41-0x000001D354D30000-0x000001D354D31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-0-0x000001D34C640000-0x000001D34C650000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2132-44-0x000001D354950000-0x000001D354951000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-46-0x000001D354960000-0x000001D354961000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-49-0x000001D354950000-0x000001D354951000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-52-0x000001D354890000-0x000001D354891000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-16-0x000001D34C740000-0x000001D34C750000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2132-64-0x000001D354A90000-0x000001D354A91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-66-0x000001D354AA0000-0x000001D354AA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-67-0x000001D354AA0000-0x000001D354AA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2132-68-0x000001D354BB0000-0x000001D354BB1000-memory.dmp

        Filesize

        4KB

        Download