c143c9e0fc9047c974e96f894d2a21b1606d48e68f7986e8d4393f2aa0383cbb

Submit
Reports

Overview

overview

Static

static

EGO-PLUS-1...55.zip

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E..._0.png

windows10-2004-x64

__MACOSX/E...ra.png

windows10-2004-x64

__MACOSX/E..._0.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...ld.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...ha.png

windows10-2004-x64

__MACOSX/E..._0.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...rd.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...on.png

windows10-2004-x64

__MACOSX/E...O+.txt

windows10-2004-x64

__MACOSX/E..._store

windows10-2004-x64

__MACOSX/E...cn.xml

windows10-2004-x64

__MACOSX/E...cn.xml

windows10-2004-x64

__MACOSX/E...en.xml

windows10-2004-x64

__MACOSX/E...ru.xml

windows10-2004-x64

__MACOSX/I...O+.txt

windows10-2004-x64

__MACOSX/�...O+.txt

windows10-2004-x64

Инстр...O+.txt

windows10-2004-x64

使用说明-EGO+.txt

windows10-2004-x64

Resubmissions

16/11/2023, 00:05

231116-ac6fhafg8z 3

Analysis

max time kernel
143s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
16/11/2023, 00:05

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

EGO-PLUS-112-1-2-2-1654075455.zip

Resource

win10v2004-20231023-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._DangoCreature_Imperfection.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._DangoCreature_Imperfection_0.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._DangoCreature_Kassandra.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._DangoCreature_Kassandra_0.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._FaithWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._GamblerWeapon.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._Gold.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._GrowthWeapon.png

Resource

win10v2004-20231025-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._HarmonyWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._InsanityWeapon.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._KnightOfDespair_Agatha.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._KnightOfDespair_Agatha_0.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._OldGloryWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._OtherWorldPortraitWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._PatientZeroWeapon.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._ReflectWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._SightWeapon.png

Resource

win10v2004-20231025-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._SnowQueenDuelSword.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._UnbalancedWeapon.png

Resource

win10v2004-20231023-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._WeakerWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

__MACOSX/EGO+/Equipment/Sprite/Weapon/._WordsWeapon.png

Resource

win10v2004-20231020-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

__MACOSX/EGO+/Equipment/txts/._EGO+.txt

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

__MACOSX/EGO+/Equipment/xmls/.ds_store

Resource

win10v2004-20231020-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

__MACOSX/EGO+/Equipment/xmls/cn/._Equipment_cn.xml

Resource

win10v2004-20231025-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

__MACOSX/EGO+/Equipment/xmls/cn/Equipment_cn.xml

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

__MACOSX/EGO+/Equipment/xmls/en/Equipment_en.xml

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

__MACOSX/EGO+/Equipment/xmls/ru/Equipment_ru.xml

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

__MACOSX/Instructions for use-EGO+.txt

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

__MACOSX/Инструкция для использования-EGO+.txt

Resource

win10v2004-20231025-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Инструкция для использования-EGO+.txt

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

使用说明-EGO+.txt

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

__MACOSX/EGO+/Equipment/xmls/cn/._Equipment_cn.xml
Size

327B
MD5

420d6e95416f3609c4602b5262c66a8f
SHA1

770c22335012aebdb25c26b83343d127c5a69d44
SHA256

5fefddb64482175e65c3ce936a7d22cb497fb759c26b410a2403299093e4ce09
SHA512

72926a145b3b553e588d7a34784285724ba409b0678f32e2a2733794e913f10049a9254be710cc3544b0eba00a9b49e96b0811ee5ccdb221d31fc9fbd67f854c

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\__MACOSX\EGO+\Equipment\xmls\cn\._Equipment_cn.xml"
1⤵
PID:2328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2328-0-0x00007FFEDAE10000-0x00007FFEDAE20000-memory.dmp

Filesize
64KB

Download
memory/2328-1-0x00007FFF1AD90000-0x00007FFF1AF85000-memory.dmp

Filesize
2.0MB

Download
memory/2328-2-0x00007FFF1AD90000-0x00007FFF1AF85000-memory.dmp

Filesize
2.0MB

Download
memory/2328-3-0x00007FFF188B0000-0x00007FFF18B79000-memory.dmp

Filesize
2.8MB

Download
memory/2328-4-0x00007FFEDAE10000-0x00007FFEDAE20000-memory.dmp

Filesize
64KB

Download
memory/2328-5-0x00007FFF1AD90000-0x00007FFF1AF85000-memory.dmp

Filesize
2.0MB

Download