Overview

overview

10

Static

static

3

Mauqes_beta.exe

windows11-21h2-x64

10

$PLUGINSDI...ls.dll

windows11-21h2-x64

1

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDIR/app-64.7z

windows11-21h2-x64

3

locales/pl.pak

windows11-21h2-x64

3

locales/pt-BR.pak

windows11-21h2-x64

1

locales/pt-PT.pak

windows11-21h2-x64

1

locales/ro.pak

windows11-21h2-x64

3

locales/ru.ps1

windows11-21h2-x64

1

locales/sk.pak

windows11-21h2-x64

3

locales/sl.pak

windows11-21h2-x64

3

locales/sr.pak

windows11-21h2-x64

3

locales/sv.pak

windows11-21h2-x64

3

locales/sw.pak

windows11-21h2-x64

3

locales/ta.pak

windows11-21h2-x64

3

locales/te.pak

windows11-21h2-x64

3

locales/th.pak

windows11-21h2-x64

3

locales/tr.pak

windows11-21h2-x64

3

locales/uk.pak

windows11-21h2-x64

3

locales/ur.pak

windows11-21h2-x64

3

locales/vi.pak

windows11-21h2-x64

3

locales/zh-CN.pak

windows11-21h2-x64

3

locales/zh-TW.pak

windows11-21h2-x64

3

resources.pak

windows11-21h2-x64

3

resources/app.asar

windows11-21h2-x64

3

resources/elevate.exe

windows11-21h2-x64

1

snapshot_blob.bin

windows11-21h2-x64

3

v8_context...ot.bin

windows11-21h2-x64

3

vk_swiftshader.dll

windows11-21h2-x64

1

vk_swiftsh...d.json

windows11-21h2-x64

3

vulkan-1.dll

windows11-21h2-x64

1

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

Resubmissions

22-02-2024 19:03

240222-xqpfgaed92 10

22-02-2024 18:10

240222-wsetdade6t 10

Analysis

  • max time kernel
    139s
  • max time network
    157s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-02-2024 18:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    locales/zh-CN.pak

  • Size

    435KB

  • MD5

    8673be2762103647592e9d733cbbc4c9

  • SHA1

    e7fc6328a3e9a5e06e1c5e99f588846ee189fe73

  • SHA256

    5d4ae2b8ad94e22b8c7a0c0448259486dc371ce7182a432394d7b6fd3cd532ee

  • SHA512

    7cf0a7fcdcd15b6e5aa8f20bab3adc6488e92a634cfc6ea13e1c9b4aa26c8b0d0b6d9f8a33ae7041a510da0d1598e955f9166d7dfb2c3d5ac5c71f1f074afe7b

  • SSDEEP

    12288:UJIVSGAsAh5vz1ae56T0vHt5MLNuhe3ym:Uqju5vzJ56T25MLNuhCym

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\locales\zh-CN.pak
    1⤵
    • Modifies registry class
    PID:3096
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:132

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads