Overview
overview
3Static
static
35224829/AI...engine
ubuntu-18.04-amd64
5224829/AI...ne.exe
windows7-x64
15224829/AI...ne.exe
windows10-2004-x64
15224829/AI...32.dll
windows7-x64
35224829/AI...32.dll
windows10-2004-x64
35224829/AI...iew.js
windows7-x64
15224829/AI...iew.js
windows10-2004-x64
15224829/AI...ss.vbs
windows7-x64
15224829/AI...ss.vbs
windows10-2004-x64
15224829/AI...ate.js
windows7-x64
15224829/AI...ate.js
windows10-2004-x64
15224829/AI...ms.exe
windows7-x64
15224829/AI...ms.exe
windows10-2004-x64
15224829/AI...MO.exe
windows7-x64
15224829/AI...MO.exe
windows10-2004-x64
15224829/AI...ut.dll
windows7-x64
15224829/AI...ut.dll
windows10-2004-x64
15224829/AI...32.dll
windows7-x64
35224829/AI...32.dll
windows10-2004-x64
35224829/AI...th.exe
windows7-x64
15224829/AI...th.exe
windows10-2004-x64
15224829/AI...ocking
ubuntu-18.04-amd64
5224829/AI...ng.exe
windows7-x64
15224829/AI...ng.exe
windows10-2004-x64
15224829/AI...32.dll
windows7-x64
35224829/AI...32.dll
windows10-2004-x64
35224829/AI.../FUZZY
ubuntu-18.04-amd64
5224829/AI...ZY.exe
windows7-x64
15224829/AI...ZY.exe
windows10-2004-x64
5224829/AI...NLIST1
ubuntu-18.04-amd64
5224829/AI...NLIST2
ubuntu-18.04-amd64
5224829/AI...NLIST3
ubuntu-18.04-amd64
Analysis
-
max time kernel
146s -
max time network
136s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system -
submitted
13/01/2024, 02:18
Static task
static1
Behavioral task
behavioral1
Sample
5224829/AI/00Rabin/ai_engine
Resource
ubuntu1804-amd64-20231222-en
ubuntu-18.04-amd64
Behavioral task
behavioral2
Sample
5224829/AI/00Rabin/ai_engine.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral3
Sample
5224829/AI/00Rabin/ai_engine.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral4
Sample
5224829/AI/00Rabin/glut32.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral5
Sample
5224829/AI/00Rabin/glut32.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
5224829/AI/01Dybsand/ChildView.js
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral7
Sample
5224829/AI/01Dybsand/ChildView.js
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
5224829/AI/01Dybsand/FSMclass.vbs
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral9
Sample
5224829/AI/01Dybsand/FSMclass.vbs
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral10
Sample
5224829/AI/01Dybsand/FSMstate.js
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral11
Sample
5224829/AI/01Dybsand/FSMstate.js
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral12
Sample
5224829/AI/01Dybsand/GameGems.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral13
Sample
5224829/AI/01Dybsand/GameGems.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral14
Sample
5224829/AI/03Stout/PATHDEMO.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral15
Sample
5224829/AI/03Stout/PATHDEMO.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral16
Sample
5224829/AI/06Snook/glut.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral17
Sample
5224829/AI/06Snook/glut.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
5224829/AI/06Snook/glut32.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral19
Sample
5224829/AI/06Snook/glut32.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
5224829/AI/06Snook/navipath.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral21
Sample
5224829/AI/06Snook/navipath.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
5224829/AI/07Woodcock/SimpleFlocking
Resource
ubuntu1804-amd64-20231215-en
ubuntu-18.04-amd64
Behavioral task
behavioral23
Sample
5224829/AI/07Woodcock/SimpleFlocking.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral24
Sample
5224829/AI/07Woodcock/SimpleFlocking.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
5224829/AI/07Woodcock/glut32.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral26
Sample
5224829/AI/07Woodcock/glut32.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
5224829/AI/08McCuskey/FUZZY
Resource
ubuntu1804-amd64-20231215-en
ubuntu-18.04-amd64
Behavioral task
behavioral28
Sample
5224829/AI/08McCuskey/FUZZY.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral29
Sample
5224829/AI/08McCuskey/FUZZY.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral30
Sample
5224829/AI/09LaMothe/NNLIST1
Resource
ubuntu1804-amd64-20231221-en
ubuntu-18.04-amd64
Behavioral task
behavioral31
Sample
5224829/AI/09LaMothe/NNLIST2
Resource
ubuntu1804-amd64-20231222-en
ubuntu-18.04-amd64
Behavioral task
behavioral32
Sample
5224829/AI/09LaMothe/NNLIST3
Resource
ubuntu1804-amd64-20231215-en
ubuntu-18.04-amd64
General
-
Target
5224829/AI/06Snook/glut.dll
-
Size
151KB
-
MD5
357d2bc9cafbf1cd87e7706d9e638c0c
-
SHA1
522ad5825106dd7a67e8e222f65869f5b711e092
-
SHA256
fc98bb5f6b6e843f290e2c3487350d1032f194079f313499e2c48fac8aed23fc
-
SHA512
eb398f84f79e7bda99de69c123dfd8a7187167dc8380697b672e6da9aa396372fa9d23723f7011eb5a644b76ae27697d65c72d21805eb9c46429a39903150c0c
-
SSDEEP
3072:AOWO+yM/RdskInE5+ohOeocRGyrXdr93lnNxK+oJq:AOWXHW1E+MfRPddxNxKR
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 5092 wrote to memory of 2956 5092 rundll32.exe 14 PID 5092 wrote to memory of 2956 5092 rundll32.exe 14 PID 5092 wrote to memory of 2956 5092 rundll32.exe 14