Analysis
-
max time kernel
148s -
max time network
121s -
platform
windows11-21h2_x64 -
resource
win11-20231129-en -
resource tags
arch:x64arch:x86image:win11-20231129-enlocale:en-usos:windows11-21h2-x64system -
submitted
09-12-2023 15:31
Behavioral task
behavioral1
Sample
Guna.UI2.dll
Resource
win11-20231129-en
windows11-21h2-x64
Behavioral task
behavioral2
Sample
Launcher.exe
Resource
win11-20231129-en
windows11-21h2-x64
Behavioral task
behavioral3
Sample
addons/clean.exe
Resource
win11-20231129-en
windows11-21h2-x64
Behavioral task
behavioral4
Sample
addons/x64.exe
Resource
win11-20231129-en
windows11-21h2-x64
General
-
Target
addons/x64.exe
-
Size
1.4MB
-
MD5
fd8e566d88637434734ccd92a7d865fa
-
SHA1
0f11ce240cfddb9e83388678a1a0217a568ccd2c
-
SHA256
aaff12ff60520346cc72bb89fb2b879edfaf187e32e821a1486c6b5771eaa687
-
SHA512
610bfc4851358f281e88fb351724d54f6b4eea23723930ce7d0fa46b04d405d6457b90b58f9112539912e22a55d8ea3d26f52d94c90124cd13864b5fd01a0bcc
-
SSDEEP
24576:0T+hNLKhKnnxzIFlHmDbCnBdsZBlTLQxczp07vZORwm24kXqgKdfDjIzQW8bY03U:0SzLKhKnnmFlHOWnTQT3zxRj24kXGdfM
Malware Config
Signatures
-
Drops file in Windows directory 1 IoCs
description ioc Process File created C:\Windows\IME\Archive.dll x64.exe -
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe 660 x64.exe