d4b30c1f2c1f10f46037533e5768b6abba1f60a613e779d871c21abe8ef02d48 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

sunshine-w...er.exe

windows7-x64

8

sunshine-w...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...nu.dll

windows7-x64

1

$PLUGINSDI...nu.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...fo.dll

windows7-x64

1

$PLUGINSDI...fo.dll

windows10-2004-x64

1

$PLUGINSDI...ec.dll

windows7-x64

1

$PLUGINSDI...ec.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

assets/web/apps.html

windows7-x64

1

assets/web/apps.html

windows10-2004-x64

1

assets/web...ff0.js

windows7-x64

1

assets/web...ff0.js

windows10-2004-x64

1

assets/web...521.js

windows7-x64

1

assets/web...521.js

windows10-2004-x64

1

assets/web...ba4.js

windows7-x64

1

assets/web...ba4.js

windows10-2004-x64

1

assets/web...39f.js

windows7-x64

1

assets/web...39f.js

windows10-2004-x64

1

assets/web...092.js

windows7-x64

1

assets/web...092.js

windows10-2004-x64

1

assets/web/index.html

windows7-x64

1

assets/web/index.html

windows10-2004-x64

1

assets/web...d.html

windows7-x64

1

assets/web...d.html

windows10-2004-x64

1

assets/web/pin.html

windows7-x64

1

assets/web/pin.html

windows10-2004-x64

1

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12-03-2024 19:59

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

sunshine-windows-installer.exe

Resource

win7-20240221-en

discovery evasion persistence

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

sunshine-windows-installer.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/nsExec.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/nsExec.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Uninstall.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

Uninstall.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

assets/web/apps.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral16

Sample

assets/web/apps.html

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

assets/web/assets/Navbar-4fa05ff0.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

assets/web/assets/Navbar-4fa05ff0.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

assets/web/assets/ResourceCard-85906521.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

assets/web/assets/ResourceCard-85906521.js

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

assets/web/assets/_plugin-vue_export-helper-63b51ba4.js

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

assets/web/assets/_plugin-vue_export-helper-63b51ba4.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

assets/web/assets/apps-f0a1239f.js

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

assets/web/assets/apps-f0a1239f.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

assets/web/assets/config-7f23f092.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

assets/web/assets/config-7f23f092.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

assets/web/index.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

assets/web/index.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral29

Sample

assets/web/password.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral30

Sample

assets/web/password.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

assets/web/pin.html

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral32

Sample

assets/web/pin.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/UserInfo.dll
Size

7KB
MD5

8e1998776ffd1d578a80d603c55721fc
SHA1

48ff2d677739d0f34f6c8cda41258af3989f534d
SHA256

7616de346ee28e4314d8a5bf67575c0010b1b07c93c6c29798f9106589ba25ae
SHA512

90c0800e485bd56177576b1d245457427d15b81b475eca4154a65225b82fe9c2ae7f07b07d48a61a3f622c4b2a2cb0b834a5d0b0b895f5bbf88b5bdead2257eb
SSDEEP

96:CMa252x1kO2TPrdKXW3xOgHdjOC2gwNQtyrdUyJx1XW:go7DJKXWDSpJ

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\UserInfo.dll,#1
1⤵
PID:1756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1756-0-0x00007FFA0A810000-0x00007FFA0A819000-memory.dmp

Filesize
36KB

Download

© 2018-2024

Terms | Privacy