Overview

overview

3

Static

static

3

MethodPlug...ac.dll

windows7-x64

1

MethodPlug...ac.dll

windows10-2004-x64

1

MethodPlug...er.dll

windows7-x64

1

MethodPlug...er.dll

windows10-2004-x64

1

MethodPlug...al.dll

windows7-x64

1

MethodPlug...al.dll

windows10-2004-x64

1

MethodPlug...od.dll

windows7-x64

1

MethodPlug...od.dll

windows10-2004-x64

1

MethodPlug...ta.dll

windows7-x64

1

MethodPlug...ta.dll

windows10-2004-x64

1

MethodPlug...on.dll

windows7-x64

1

MethodPlug...on.dll

windows10-2004-x64

1

MethodPlug...et.dll

windows7-x64

1

MethodPlug...et.dll

windows10-2004-x64

1

MethodPlug...he.dll

windows7-x64

1

MethodPlug...he.dll

windows10-2004-x64

1

MethodPlug...es.dll

windows7-x64

1

MethodPlug...es.dll

windows10-2004-x64

1

MethodPlug...ns.dll

windows7-x64

1

MethodPlug...ns.dll

windows10-2004-x64

1

MethodPlug...ry.dll

windows7-x64

1

MethodPlug...ry.dll

windows10-2004-x64

1

MethodPlug...ns.dll

windows7-x64

1

MethodPlug...ns.dll

windows10-2004-x64

1

MethodPlug...ns.dll

windows7-x64

1

MethodPlug...ns.dll

windows10-2004-x64

1

MethodPlug...es.dll

windows7-x64

1

MethodPlug...es.dll

windows10-2004-x64

1

MethodPlug...ry.dll

windows7-x64

1

MethodPlug...ry.dll

windows10-2004-x64

1

MethodPlug...on.dll

windows7-x64

1

MethodPlug...on.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2023 14:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MethodPlugin/Microsoft.Extensions.DependencyInjection.Abstractions.dll

  • Size

    35KB

  • MD5

    1bc1277126655b767aa9e4cbc41bb5e6

  • SHA1

    5e46b938639a28651bd4de8eda438ccc5a212e1c

  • SHA256

    175dd59c6ef443c8350f5365db3ac262a2f72016d38e1abb304538dacbbe0918

  • SHA512

    93c73ecbbbef595af6168457f0805b0b53d40cc126ce33efaa2a65b86d92c27e1b0d3a468f3619bbec70c990601c6d94c8556083cb33e85011c709d4162d665e

  • SSDEEP

    384:23VVPJrgCcYGJiH4Dw/lbfQV460lER0+YUMiwEzITzW4PLWGaQHRN7Ot5ltV:CbPRgC4iHt9IVTBYMwEzIpJLOt7

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MethodPlugin\Microsoft.Extensions.DependencyInjection.Abstractions.dll,#1
    1⤵
      PID:1004
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3964
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1804

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        d16b2b8b44325e8ef3dd24e702552ed1

        SHA1

        17299bf50a34e5d41b86799461177c3da2382583

        SHA256

        9d9db4d5f416c879ad9e8ba9f1af032f13802280a2149b48e52f93c37d433d1a

        SHA512

        eb88fea416d4e944bbf27913e5cc8af8018bd913541f6f03765f2a4d4747c857373b2d86386cbe1aafeb45860061b5859e1ba921ac6b6f5df06344bb6e4c15ab

        Download Submit

      • memory/1804-40-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-33-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-42-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-34-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-35-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-36-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-37-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-38-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-43-0x000001C3B8130000-0x000001C3B8131000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-0-0x000001C3AFE40000-0x000001C3AFE50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1804-68-0x000001C3B8380000-0x000001C3B8381000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-32-0x000001C3B84E0000-0x000001C3B84E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-39-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-44-0x000001C3B8120000-0x000001C3B8121000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-46-0x000001C3B8130000-0x000001C3B8131000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-49-0x000001C3B8120000-0x000001C3B8121000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-52-0x000001C3B8060000-0x000001C3B8061000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-16-0x000001C3AFF40000-0x000001C3AFF50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1804-64-0x000001C3B8260000-0x000001C3B8261000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-66-0x000001C3B8270000-0x000001C3B8271000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-67-0x000001C3B8270000-0x000001C3B8271000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1804-41-0x000001C3B8500000-0x000001C3B8501000-memory.dmp

        Filesize

        4KB

        Download