Overview

overview

7

Static

static

3

dolphin-x64-5.0.exe

windows7-x64

dolphin-x64-5.0.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

infinst.exe

windows7-x64

4

infinst.exe

windows10-2004-x64

4

xinput1_3.dll

windows7-x64

1

xinput1_3.dll

windows10-2004-x64

1

xinput1_3.dll

windows7-x64

1

xinput1_3.dll

windows10-2004-x64

1

$TEMP/dxre...UP.dll

windows7-x64

4

$TEMP/dxre...UP.dll

windows10-2004-x64

4

$TEMP/dxre...UP.exe

windows7-x64

4

$TEMP/dxre...UP.exe

windows10-2004-x64

4

$TEMP/dxre...32.dll

windows7-x64

4

$TEMP/dxre...32.dll

windows10-2004-x64

4

$TEMP/vcre...64.exe

windows7-x64

7

$TEMP/vcre...64.exe

windows10-2004-x64

7

Dolphin.exe

windows7-x64

1

Dolphin.exe

windows10-2004-x64

1

OpenAL32.dll

windows7-x64

1

OpenAL32.dll

windows10-2004-x64

1

Sys/GameSe...r2.ps1

windows7-x64

1

Sys/GameSe...r2.ps1

windows10-2004-x64

1

Sys/GameSe...01.ps1

windows7-x64

1

Sys/GameSe...01.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    25s
  • max time network
    39s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12-03-2024 19:45

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    dolphin-x64-5.0.exe

  • Size

    18.4MB

  • MD5

    eca48982effad82616f206f52336fe4b

  • SHA1

    4d88af3572de650b0b7dccd92dc8de5854edfae6

  • SHA256

    e1b3ae8fc890c6588e5656f77ef2747ae7ddfc90b6530b240c0c5b9d0ab3ce8c

  • SHA512

    778755b2d12c703a2954882a4d333b7cb61ee7ed0482b5cb14c1cbc4b90c8b65f308944a2f9369a89fc54d163c613efc65adf70316c08d447183f65637fcb557

  • SSDEEP

    393216:Y1qyjt4rPX8zs3XxdbHNemtqa7JhnurHTl0WcS4ENyQ4p9Jmm+:Y1qyZePX8khdbtecqa7JhnurHirhENys

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 8 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\dolphin-x64-5.0.exe
    "C:\Users\Admin\AppData\Local\Temp\dolphin-x64-5.0.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    PID:1664
    • C:\Users\Admin\AppData\Local\Temp\dxredist\DXSETUP.exe
      "C:\Users\Admin\AppData\Local\Temp\dxredist\DXSETUP.exe" /silent
      2⤵
        PID:2424
      • C:\Users\Admin\AppData\Local\Temp\vcredist\vc_redist.x64.exe
        "C:\Users\Admin\AppData\Local\Temp\vcredist\vc_redist.x64.exe" /install /quiet /norestart
        2⤵
          PID:2780
      • C:\Windows\system32\LogonUI.exe
        "LogonUI.exe" /flags:0x0
        1⤵
          PID:2524
        • C:\Windows\system32\LogonUI.exe
          "LogonUI.exe" /flags:0x1
          1⤵
            PID:2708

          Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Program Files\Dolphin\Dolphin.exe
            Filesize

            2.3MB

            MD5

            2fda4f9134ea9a301a2bf690d7b7a996

            SHA1

            3b89a25fc886aadf335da6a6df3de2200ab4683d

            SHA256

            203b1e0906b174b1c4b9e9d9475fa82a2af942900f1d86168a82d5fe041e7732

            SHA512

            3d7d2ee611fe0e90c5c79b6f812114748505e264add4ba27c1ed9ffe423ca8bee04e76a5a3f3fdf5efc4883c37c79994beda5aa851385f527ad99cb760d4e8e9

            Download Submit

          • C:\Program Files\Dolphin\Languages\it\dolphin-emu.mo
            Filesize

            121KB

            MD5

            f00a5461ba0b2c95f801923fef70c266

            SHA1

            f7717e3f341e1b56c46407df643d4ac6dcc09885

            SHA256

            19c8af2231c12fe7969e63595f818baf9421542d1e4f3ea64ac2ff79352a6f12

            SHA512

            a9977db27df94510bc75ee961924804c59c0005b9bc9b8961d63b01359c72920a6a6f0f3b014c715f3b0c4208038deb65f114f83dee157422dc035b84a267315

            Download Submit

          • C:\Program Files\Dolphin\Sys\Resources\toolbar_debugger_step_over.png
            Filesize

            988B

            MD5

            926a446e9de7d51c34ae548673386417

            SHA1

            5a0a2666b270eca354f1632de8f98fc966864d08

            SHA256

            85f27cf7d073c5931530c102d4c39ff731a3eb30c67d506c6626b0ad72f26539

            SHA512

            d5117a0a76c22b06aa91f7586f866387ad74b4962e569cab64d6abeb83d701c8b66331dc6193478f36faef616a95f404cb15a7a0b0b86f863c93ab09f908ea53

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\vcredist\vc_redist.x64.exe
            Filesize

            2.6MB

            MD5

            3b2c460047b168e058bfd3a4ac2afaa6

            SHA1

            301e7ab9b8b74b4cc61480ee983250a26a683884

            SHA256

            c1fdb4220c999c616635dd19ca15928c48bc05296756be1c4ded5980f68ed8bc

            SHA512

            7992703a2fef72489cd3f5f78772f3ae160b20f1002505479dadb9337143c79603264122df2154b0ba19129f7ec828100f70539eab742bafc8fc631e44bfa3f1

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            3.4MB

            MD5

            d4bc5453f6d151caf54e93df0ac865e0

            SHA1

            0d3d7e2e062ff7f7fdedde6711aec14123bb00c3

            SHA256

            e89f9369af46a4d80f11219abb969031cbe4c57f1d7e0679cf33091013df2d96

            SHA512

            2ef081d2bbde110254e474cb5d7b77fd651dc043bb4c1d3fbba4f6aa44bf2f80603975ff40337d4e9e0d1755368e339b4ce144f00d1bdd550eb2a5257351ed82

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            2.2MB

            MD5

            a39fb16405dc1807ccae84f0011f8d41

            SHA1

            d6245a118577ee9865263870bb36462fd26c5484

            SHA256

            685e5a578e247874ca18b6be9ef95877c5acd0419052cf10239a6f850caa8cd2

            SHA512

            f39b4ad837b46bd71cc3d6b25b8a09692239a0a087633c9dfb987f1bacd9af76405d318d808d49c605487e62d1452c1e58834d2031b630b5d589cb71f06f572a

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            296KB

            MD5

            a0034977ced6de68b79dcc3aba57ad11

            SHA1

            49964dc038d65a4a2655fa01b5e81ab04f66d376

            SHA256

            064fcc2f72c573db4c8e8aefd06b0ec4b3c5864c9e0818aa5453ad9e7d414923

            SHA512

            f23c4616703d7ea0a049974acc3266e11d3933d4394c461854589ab5a15171e7588230842bd668dbd1775529f19eb06bd26705bf55985b4a0ffb205c977990c9

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            617KB

            MD5

            247470272d5edcaa3f266466ffa41e1e

            SHA1

            9cc8d96997a1ac570ff2b910cff3a6756b280ff6

            SHA256

            91d4bee39654674d158d9784e58368a506b2e0c1b96ad3ad0864ce012aad28c9

            SHA512

            6c48ee799a436129c312b57916f58de31bd7dfc5881e118cf0823b3e6cafb1364a89eabe982ba5c65be5473df23c34e62fe82fc6c651d322ded7bf2328c701e3

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            458KB

            MD5

            3d9feca0426ff06444f42e5c2dff5ca7

            SHA1

            bc2d192971ac8025e05b26d8bce4e3b95785418e

            SHA256

            154b4a95c6201af3fc90774dce2bc40bfbf474e32cc68f4e8f32332609c042cb

            SHA512

            e88e31173f5e5247892b925a1d32538c795049ed028968ed61a56e6b3e03810bd9eaf3591d15062ecf7f56651d0a42743e18b52779fe8f972e3bc8f0cebccb44

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            221KB

            MD5

            27d9b7b43f4edb43e6d7fd4c360836cd

            SHA1

            94a3d994913e232c122b5ae29f701af7ea8340aa

            SHA256

            0421c4075c53006c630f207209f78b2acfbbece3e2840071b64506f9c595088d

            SHA512

            22d3357f06e5855d3948052fd543a217f8fd8a7d6dfb66ca5ab9682e11fbb8ca37e3b0b487e933f91571b6d59d91275a849568e9221e33c9cdb53588101650e1

            Download Submit

          • \Program Files\Dolphin\Dolphin.exe
            Filesize

            195KB

            MD5

            88b4a25873c5919d0d57589d1771bb50

            SHA1

            bb43e452c302b4830dfeb8d2d111e5e896210458

            SHA256

            dae0a78bc5164183de2699ee8fe12ca43052c01dc55b5c49df9473741b287ed9

            SHA512

            fdfd7f59eaca5f8d3f2472b9e8cd97f0792b8fc7473f6323f193cf946e58f800dd42816360e533076511a03b4b4872d27a661808c15a77223dce1948f23e33a7

            Download Submit

          • \Users\Admin\AppData\Local\Temp\dxredist\DXSETUP.exe
            Filesize

            505KB

            MD5

            bf3f290275c21bdd3951955c9c3cf32c

            SHA1

            9fd00f3bb8a870112dae464f555fcd5e7f9200c0

            SHA256

            8f47d7121ef6532ad9ad9901e44e237f5c30448b752028c58a9d19521414e40d

            SHA512

            d2c354ee8b6977d01f23c6d2bb4977812bf653eae25e7a75a7d0a36b588c89fcdbdc2a8087c24d6ff687afebd086d4b7d0c92203ce39691b21dab71eafd1d249

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nso9668.tmp\LangDLL.dll
            Filesize

            5KB

            MD5

            e447e49175c0db1f27888aede301084f

            SHA1

            f5946c743265cd8e81f3e7b6376dada57f99877f

            SHA256

            fd26ef21d72797fedecd3d15f2001cea793383aceb3cee19a5ae2a3d30e197b6

            SHA512

            e6543bf81bedce94a58f48cd6f9daaec891775e01ff76b771c22d459a778490f9bba0bebbf111b1ca3091b3ca69bca806a9b5e68ce12df03abbaa6ce5c4b7cec

            Download Submit

          • \Users\Admin\AppData\Local\Temp\nso9668.tmp\System.dll
            Filesize

            10KB

            MD5

            56a321bd011112ec5d8a32b2f6fd3231

            SHA1

            df20e3a35a1636de64df5290ae5e4e7572447f78

            SHA256

            bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1

            SHA512

            5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3

            Download Submit

          • \Users\Admin\AppData\Local\Temp\vcredist\vc_redist.x64.exe
            Filesize

            2.0MB

            MD5

            b02c11396906ccf3e6dcf597d706e0d8

            SHA1

            9a96c4e8a01be755d615db4a675396a93f36f70c

            SHA256

            c499e15d28fce903aa8450b98b07768ff24d184be3a7869964bdaf01e600d1f6

            SHA512

            1769cce2255ae7181219e7e5a1b37eb556d46e7c3241b231d9d0e9f04035489bc332428a048925f7d7d42423e439d1c042361cdda9a487a82dbeb32b35e1ea1d

            Download Submit

          • memory/2524-1626-0x00000000029C0000-0x00000000029C1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2708-4044-0x00000000026E0000-0x00000000026E1000-memory.dmp

            Filesize

            4KB

            Download