Overview
overview
10Static
static
102222-main/Build.exe
windows7-x64
102222-main/Build.exe
windows10-2004-x64
102222-main/...se.dll
windows7-x64
12222-main/...se.dll
windows10-2004-x64
2222-main/OTC.dll
windows7-x64
12222-main/OTC.dll
windows10-2004-x64
12222-main/OTC2.dll
windows7-x64
12222-main/OTC2.dll
windows10-2004-x64
12222-main/aurora.dll
windows7-x64
12222-main/aurora.dll
windows10-2004-x64
12222-main/...ty.dll
windows7-x64
32222-main/...ty.dll
windows10-2004-x64
32222-main/gan.exe
windows7-x64
62222-main/gan.exe
windows10-2004-x64
102222-main/mySThe.exe
windows7-x64
102222-main/mySThe.exe
windows10-2004-x64
102222-main/myporno.exe
windows7-x64
72222-main/myporno.exe
windows10-2004-x64
102222-main/pandora.dll
windows7-x64
32222-main/pandora.dll
windows10-2004-x64
32222-main/pass.exe
windows7-x64
102222-main/pass.exe
windows10-2004-x64
102222-main/petya.exe
windows7-x64
62222-main/petya.exe
windows10-2004-x64
62222-main/sheyhST.exe
windows7-x64
102222-main/sheyhST.exe
windows10-2004-x64
102222-main/...io.exe
windows7-x64
62222-main/...io.exe
windows10-2004-x64
72222-main/test.exe
windows7-x64
32222-main/test.exe
windows10-2004-x64
72222-main/token.exe
windows7-x64
62222-main/token.exe
windows10-2004-x64
6Analysis
-
max time kernel
137s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
11-03-2024 18:51
Behavioral task
behavioral1
Sample
2222-main/Build.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2222-main/Build.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
2222-main/NanoSense.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
2222-main/NanoSense.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
2222-main/OTC.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
2222-main/OTC.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
2222-main/OTC2.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
2222-main/OTC2.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
2222-main/aurora.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
2222-main/aurora.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
2222-main/fatality.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
2222-main/fatality.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
2222-main/gan.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
2222-main/gan.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
2222-main/mySThe.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
2222-main/mySThe.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
2222-main/myporno.exe
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
2222-main/myporno.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
2222-main/pandora.dll
Resource
win7-20240215-en
Behavioral task
behavioral20
Sample
2222-main/pandora.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
2222-main/pass.exe
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
2222-main/pass.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
2222-main/petya.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
2222-main/petya.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
2222-main/sheyhST.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
2222-main/sheyhST.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
2222-main/stpastio.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
2222-main/stpastio.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
2222-main/test.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
2222-main/test.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
2222-main/token.exe
Resource
win7-20231129-en
Behavioral task
behavioral32
Sample
2222-main/token.exe
Resource
win10v2004-20240226-en
General
-
Target
2222-main/OTC.dll
-
Size
8.7MB
-
MD5
cbac1eb2d0f808c9a1ace63379888580
-
SHA1
f502e21059146f8fffba5cd84f5dccd5c8b22677
-
SHA256
8afbfe7db1165a9c6be977be0d2455d9287ebd9c64688ac0bbcc3e1a9872cff3
-
SHA512
1d1e3bff24d61b58f9e81d037f6b1a58101bb4c12a6550da0d61486f34978a5744535033e4100ba929e49fe970f92c7c30a385f7398ab30a2e21873b3aa6f715
-
SSDEEP
196608:touw26TL/vezmj/wvs/9sL1jcOytIsjTIImELIjHBAHH8Vz1pQVN:aL/amIvbR8y08ImELWA8Vzg
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2744 wrote to memory of 5024 2744 rundll32.exe 96 PID 2744 wrote to memory of 5024 2744 rundll32.exe 96 PID 2744 wrote to memory of 5024 2744 rundll32.exe 96
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2222-main\OTC.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2744 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\2222-main\OTC.dll,#12⤵PID:5024
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4088 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:81⤵PID:2756