70237f97e78fa67a7cf63ff983658ddcc83584c622fe4b168f9a8297db4de7cd

Analysis

max time kernel
160s
max time network
215s
platform
windows10-2004_x64
resource
win10v2004-20240226-de
resource tags

arch:x64arch:x86image:win10v2004-20240226-delocale:de-deos:windows10-2004-x64systemwindows
submitted
27/02/2024, 20:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

GOTOBED (64bit)/Go To Bed_Data/Managed/Assembly-CSharp.dll
Size

66KB
MD5

3af8a54899e814e355dec2ee7faa578f
SHA1

498c864ffb7788358044766004ea3e0a4dd7780b
SHA256

1e56549c59169ca7caae6cb773b7da1380f515db7c5fa936216c0e3d0338cb55
SHA512

1bd4fef6b08b4ad9abc377cdb548fdde17fd661fd405dfcb668ca345e8e076497b5cdc5d94c6b1a143144caece9d6dd88b1e4cec4b16f30267c7339a84d05d2b
SSDEEP

1536:qtLDM25PA/ajACq+5/S2pTCnRT45+4CD:qVlAoJqC/S2xCnRT45+46

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\GOTOBED (64bit)\Go To Bed_Data\Managed\Assembly-CSharp.dll",#1
1⤵
PID:1256

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1192.1.1017085493\674460569" -parentBuildID 20221007134813 -prefsHandle 1944 -prefMapHandle 1904 -prefsLen 17556 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae4bf0ff-7252-428a-8219-ddaf06641c4b} 1192 "\\.\pipe\gecko-crash-server-pipe.1192" 1956 21d353f7958 socket
1⤵
PID:952

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.3.1654890969\366998242" -childID 2 -isForBrowser -prefsHandle 1336 -prefMapHandle 1684 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33cc54af-d874-4c60-a921-7d446a97ed3a} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 1340 280c4671b58 tab
1⤵
PID:1880

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.4.1268595646\778639462" -childID 3 -isForBrowser -prefsHandle 3472 -prefMapHandle 3468 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d67c6a2a-37f8-4c2a-9f39-0c61f9ea0ffd} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 3484 280c4661558 tab
1⤵
PID:1652

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.5.1333852396\1651616625" -childID 4 -isForBrowser -prefsHandle 4740 -prefMapHandle 4748 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3de51ee-421b-4fe9-9f47-39cd1223180d} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 4720 280d1f45e58 tab
1⤵
PID:5132

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.6.138545846\1792710197" -childID 5 -isForBrowser -prefsHandle 4896 -prefMapHandle 4900 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {353ce7e6-77a8-48fc-ae99-b66c42e0c9a3} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 4880 280d6258a58 tab
1⤵
PID:5160

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.7.694481857\574356671" -childID 6 -isForBrowser -prefsHandle 5136 -prefMapHandle 4988 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d8f2c40-58a5-46f0-a917-7b2cb2c0cb21} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 5124 280d6259058 tab
1⤵
PID:5172

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5904

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1596.8.1284396081\1760956094" -childID 7 -isForBrowser -prefsHandle 5616 -prefMapHandle 5612 -prefsLen 26285 -prefMapSize 233444 -jsInitHandle 1368 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7f54d3b3-96c9-44f3-94f4-8e407be671ca} 1596 "\\.\pipe\gecko-crash-server-pipe.1596" 5624 280d80f6858 tab
1⤵
PID:6104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\vcredist2010_x64.log-MSI_vc_red.msi.txt

Filesize
379KB

MD5
8c68828370e4b2a19f59c52087cacc4a

SHA1
2d35805b5114bb90bed4b4b15b6cecd9292a1fbb

SHA256
360cc8e77e1cba5e54dcb8c0695c03f02ba741af7ddc7489f07231cbf114312f

SHA512
571c0dc1df0e9005ebafbe4a86bd652e95b75da9d3a5095225e96f59253dde90f75843ac28191449bd07d28cfb02e7015353db0fcac966159f969e2ef6dab7e0

Download Submit
C:\vcredist2010_x64.log.html

Filesize
86KB

MD5
1fb689a5b044640c3d3dde285e47fea5

SHA1
be190dada98dc770b3622daa39b865c7ebab85e2

SHA256
cb9ca84d176cfea4cb0fe45ffc7f8d53bcff9e1d28cdf2d76ce32cb454206fa0

SHA512
2428b5a1e9f0af3569c18d37099962ee934b61a00a8e0b44d6e9664be7c8a5a2bb92b1ad866d8391993f02c916b91124529a6cf16b148293c194ee36b496e656

Download Submit
C:\vcredist2010_x86.log-MSI_vc_red.msi.txt

Filesize
396KB

MD5
e78af6833c4f7d8107d86f4342acf031

SHA1
c934574aff020875e829ade2d45497e9c937df0b

SHA256
832078c755b5291505a311643e033287e8f9872fe16f6e3523487d7dd3d8c5e5

SHA512
20b69ee8026536134c4f789274d2e3d494024bce8bc33825f4db85df7e22ea6a30eef63a1b7f8b147096aad00bbc55081ac02ed7c9a3026926c54be2956467c1

Download Submit
C:\vcredist2010_x86.log.html

Filesize
82KB

MD5
da3cf4db379428e2131256b684b9cde8

SHA1
cec87d8aaa81a07a7c7c7fc8b34c58f0f1ae1cbb

SHA256
8e502c20ade33205856c2b7ba19540e945340223858e292efade55ddbf0397f3

SHA512
ebdde710025c4462181306c68d4969eaa8d5080e633e1dc963666b0d82c802c7bdf74db35dda10a14a0c64d02fd3e1ab7b1ec808b6841dea5f0b4bdc76247635

Download Submit
C:\vcredist2012_x64_0_vcRuntimeMinimum_x64.log

Filesize
168KB

MD5
efc74119a4daa24751bb122ba3b024b7

SHA1
c7395403e13a9ca857a0c71ee9da3da0d866078a

SHA256
7f671330c29a3272437189361e0c999282f184a6a9320a3e93c8ad5dc031dcab

SHA512
91d70927a6930ee9171a56191d2cf54cb656cee0f8f08a330920a65736007fcd04b6c85a391fb2c969def5e1b4af3146e71718b659903bbfa2c7e20647e2b54c

Download Submit
C:\vcredist2012_x64_1_vcRuntimeAdditional_x64.log

Filesize
195KB

MD5
2254abffadddf7b8aac462d6dd837063

SHA1
5a94ae36ec34399e29d20957d2b9349042473c71

SHA256
88c9fdc2f2baedccf0a330da27d08a7fdc849a3f2fdd5e986306b826e591941c

SHA512
b5fc6e929edaf3c4863b5a71ab699083b0d485ff250372752ce125a1e0fd44c9443847044d99172cc0a7880c45c00f0666410425ec57f054643b46733ab37256

Download Submit
C:\vcredist2012_x86_0_vcRuntimeMinimum_x86.log

Filesize
171KB

MD5
3c61d78cad6f40175423d31309b4a2c0

SHA1
14112d9f4329999d45a1c7ade009606d44738f64

SHA256
a3fc2eee5093ba80ee396c65960a6448690a790d60561d13244d5bf83dbcdc5b

SHA512
b93a33e12ae31c67278e58ee06506a78506e8a9bc7ac3e7056d4d33759d487e93e008c059b665e8696f51a988b88fbd2c31b4431c30338db248cffb98fe466b0

Download Submit
C:\vcredist2012_x86_1_vcRuntimeAdditional_x86.log

Filesize
208KB

MD5
760cc152719aebab1d731d2799598b33

SHA1
91e2f50100e88f9ca4bb7e96df7f756fbe8842c3

SHA256
55fd4477690ed8a2bc3d5789109b19e164c2a3a23176c124519dad392e5c0361

SHA512
654b10d555255706def7542c714372f98b370b83d2bd07b3694412de9d91268c8355399a52673cff8eacfdf96751ee40ec615b335f9cd5c51ef2905192f922d8

Download Submit
C:\vcredist2013_x64_000_vcRuntimeMinimum_x64.log

Filesize
170KB

MD5
0b4a6d73e7e0d264e6068a85439ac9d2

SHA1
7c1110d4bee2eda959b629fc565593ebb09d2e54

SHA256
10104d9a1ad430d05d4c708ca574f91db57f5f31532f09bb6148a8ff14e01cf7

SHA512
8db9c193771ff2df82156127bc2146193348612091593f4a8bb6234f69b08141d79c4e23dbec01ddd8f17091dbcd3381219b1d7e24b6667b9052732c71a87e9e

Download Submit
C:\vcredist2013_x64_001_vcRuntimeAdditional_x64.log

Filesize
191KB

MD5
fca91faee6fdd3d2efcdb3a740c14d84

SHA1
c3fb21bb37f26d127913c8496528035b90b6e459

SHA256
becdccb07e2b0420923f8f4296d41c098b281d5b48d4dedc21ed57597f18e8a4

SHA512
3833af2cdca6044f9431a1d235cd085f88ffaa02c2ca81f3d2a7a8dc990362726feade52c004c6b3639e95bcfa924d0bc7d43dc4798c30962534f0b43433f20f

Download Submit
C:\vcredist2013_x86_000_vcRuntimeMinimum_x86.log

Filesize
170KB

MD5
3b2296feeb1d49f4ff050b24c654d3aa

SHA1
24d47b6c94737a45d6c7554d14ec989572cd0387

SHA256
bb52b17a5702f607e698e43f9cdeed53f39ff0a3af2ce42455ed8ba151512518

SHA512
ccb2bc93f8de97e3bdd5e79dfdfd24489efcc6cc127d281e83da22b53f523b5ce4d7df50751da26bb737b231640cf1678d0942d40917735056c628e8e6a0245f

Download Submit
C:\vcredist2013_x86_001_vcRuntimeAdditional_x86.log

Filesize
198KB

MD5
39ea7c1866d65b881ddac7a0424cb975

SHA1
13885c716a5ff1be38f0dfb9d1d4c3a4949b23a1

SHA256
5c954c34da4b5807198600f32077258e01d72ad55f152a16f360f713f7483463

SHA512
0cdd2e8b68d09e0700ec934044b44cd0ae933ecb8a68378e4f40d9fc5301162d44e5f2a0c45f35890fd490bd8e00ec8befaa483a1dcbdca93abd99fd80eafb1e

Download Submit
C:\vcredist2022_x64_000_vcRuntimeMinimum_x64.log

Filesize
123KB

MD5
d82acfe1acf5490881d5b4c12842e54f

SHA1
384bc53a28db75867bbcafb9bd815d45ab2a71fd

SHA256
1dd73aa81761a4e3b465a4337d52772441a0496b765d08f7fce9da61baa11a31

SHA512
c0bd719709cbcf0c6cf3dab6249811c9cc7ebad40389a09f281cd10e75fca8c5d50ae32c4a4a9cd88c2deec5eadfbcd8532d2a9dc841e0b2c4b64e736416784c

Download Submit
C:\vcredist2022_x64_001_vcRuntimeAdditional_x64.log

Filesize
129KB

MD5
d289d94f38ca3fb551ad1fe6ade48aad

SHA1
c112d3045203a32dbb4b4d5e1498bb18a3caf202

SHA256
9ec27a9617687d85aa1a8c5dbfb04efc1fbf40f2799b1686238c4061d4ee929f

SHA512
b50a92a8812eda1f970506b11308cd63031fffd2c1b5c09bf4aa7fbfd1f3a371a83f965e15991fd138d7da960acf37b33cd82bfe6657be49a59aec40b2f5eb98

Download Submit
C:\vcredist2022_x86_000_vcRuntimeMinimum_x86.log

Filesize
123KB

MD5
8abccb88d679b2385ece4268098c49ae

SHA1
a6c6425277dbe289808f47439eaeedc575ac40b0

SHA256
e4c1de90273b3f9501980f747481d3c198e0ee1f1e1ebdf858e425a43605015d

SHA512
a602f852b9c1358b2c91b70d692bd6342fcb732c717d6d913255034f240f990f4f3f3a6f5eea1a940ddaba5c8fdbb2e569c15cf6be03c051471338c72b787843

Download Submit
C:\vcredist2022_x86_001_vcRuntimeAdditional_x86.log

Filesize
135KB

MD5
e9d5da7570d08cfe07cc0115822da295

SHA1
a64a40fc2450e31dfa96712dfc6c8d24e57b4792

SHA256
ae4a75e32794dbd6e4951c5ac54f960812148a2a39bb1584e2da7125f0852ea8

SHA512
1e5ff4b4f3c132acd55641da30e4774caadc298473df2eb5293ef0e2c116b3d85819397a22b0f68aca088de51f27b70618d3f5fd20ff775960ee309b88f471dd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads