Overview
overview
7Static
static
78ba6723e53...e2.exe
windows7-x64
38ba6723e53...e2.exe
windows10-2004-x64
3$PLUGINSDI...64.dll
windows7-x64
3$PLUGINSDI...64.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...sh.dll
windows7-x64
3$PLUGINSDI...sh.dll
windows10-2004-x64
3$PLUGINSDIR/inetc.dll
windows7-x64
3$PLUGINSDIR/inetc.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...om.dll
windows7-x64
7$PLUGINSDI...om.dll
windows10-2004-x64
7Coolso.exe
windows7-x64
1Coolso.exe
windows10-2004-x64
1eAPI.dll
windows7-x64
1eAPI.dll
windows10-2004-x64
1iconv.dll
windows7-x64
1iconv.dll
windows10-2004-x64
1iext2.dll
windows7-x64
1iext2.dll
windows10-2004-x64
1internet.dll
windows7-x64
1internet.dll
windows10-2004-x64
1krnln.dll
windows7-x64
1krnln.dll
windows10-2004-x64
1play/com.dll
windows7-x64
3play/com.dll
windows10-2004-x64
3play/eAPI.dll
windows7-x64
1play/eAPI.dll
windows10-2004-x64
1Analysis
-
max time kernel
118s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
03/02/2024, 06:36
Behavioral task
behavioral1
Sample
8ba6723e538cf9bc464db0edc33d8ce2.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral2
Sample
8ba6723e538cf9bc464db0edc33d8ce2.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/Base64.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/Base64.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$PLUGINSDIR/blowfish.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
$PLUGINSDIR/blowfish.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral12
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Coolso.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral18
Sample
Coolso.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
eAPI.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral20
Sample
eAPI.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
iconv.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral22
Sample
iconv.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
iext2.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral24
Sample
iext2.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
internet.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral26
Sample
internet.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
krnln.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral28
Sample
krnln.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
play/com.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral30
Sample
play/com.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
play/eAPI.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral32
Sample
play/eAPI.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
General
-
Target
eAPI.dll
-
Size
328KB
-
MD5
cbd788f4c71b9776660d6e8473ae0e09
-
SHA1
0189cd47bfa5d1cac0d7f1a33953d279f60b02bf
-
SHA256
db0a6d7b75503daaf93c8e62ce67abd3afd57daaef4a448ec25a43d1de69e47e
-
SHA512
84bc02c67e3a3a9f77418b25afe7ec55e5bb5ca5a6c05503d94dffa57a30c7608e79bb4f83fe91c39ccce16872df2b3f9e7e5a8eafb4f563b1f961b93e9b8c94
-
SSDEEP
3072:RML/WXLcZnh1Sn8v2jNGQHTBJu0Lo2nVXQdtzb9trTSh05LNZPyJPo/AfVsIwQ+w:RZbcZh1Su2dHm0JnYpRuVBwQ+6etZZ
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27 PID 3064 wrote to memory of 2380 3064 rundll32.exe 27