Overview

overview

10

Static

static

3

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

WCLDll.dll

windows7-x64

1

WCLDll.dll

windows10-2004-x64

1

msvcp140.dll

windows7-x64

3

msvcp140.dll

windows10-2004-x64

3

ptMgr.dll

windows7-x64

1

ptMgr.dll

windows10-2004-x64

3

ptusredt.dll

windows7-x64

1

ptusredt.dll

windows10-2004-x64

1

vcruntime140.dll

windows7-x64

3

vcruntime140.dll

windows10-2004-x64

3

wbxtrace.dll

windows7-x64

1

wbxtrace.dll

windows10-2004-x64

3

x64/Templa...te.htm

windows7-x64

1

x64/Templa...te.htm

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...re.dll

windows7-x64

1

x64/plugin...re.dll

windows10-2004-x64

1

x64/plugin...po.dll

windows7-x64

1

x64/plugin...po.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

x64/plugin...ns.dll

windows7-x64

1

x64/plugin...ns.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    450s
  • max time network
    453s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-03-2024 05:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x64/plugins/MahApps.Metro.IconPacks.EvaIcons.dll

  • Size

    416KB

  • MD5

    721f37645c32653200b06969419344b2

  • SHA1

    ba5a3868632e98adef61c7a2999e726881eca4a7

  • SHA256

    14d31cdf80fab1df0f874e4f8d8090b5393b6ffac6cd86dfb5c71dd8f62f4e93

  • SHA512

    f3d8375d2df69fce7e4dbff68295281a94cdce9de86ef52aa951c7d2ff8cad48777a76192d6a20f0b804b307d48914f66fcff7bc25da2ab946de456079db59db

  • SSDEEP

    3072:esRQOZCZi9zOr8G2OIC5kXgRXgFmrUjwD:/RQwLbmW+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\x64\plugins\MahApps.Metro.IconPacks.EvaIcons.dll,#1
    1⤵
      PID:232
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2104
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2176

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        855eab4f28049337eae44f476d19412a

        SHA1

        96b0c0b1439e16e8516b3dc563e4d5f803a2edd6

        SHA256

        aaae8d91884e6dfe60f2a4fede6936e763f655e2d6a6364f38963299abe94156

        SHA512

        66f2c5456889c583775e728b3f5e6f6bb6f7a3bf8fae694069cfbb17a0bd887206f1393373f2050be2eef56859751eccbc88bf34cc43ff87924fbeb20cd68be3

        Download Submit

      • memory/2176-40-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-33-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-42-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-34-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-35-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-36-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-37-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-38-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-43-0x0000025C9F340000-0x0000025C9F341000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-0-0x0000025C97040000-0x0000025C97050000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2176-68-0x0000025C9F590000-0x0000025C9F591000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-32-0x0000025C9F6F0000-0x0000025C9F6F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-39-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-44-0x0000025C9F330000-0x0000025C9F331000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-46-0x0000025C9F340000-0x0000025C9F341000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-49-0x0000025C9F330000-0x0000025C9F331000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-52-0x0000025C9F270000-0x0000025C9F271000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-16-0x0000025C97140000-0x0000025C97150000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2176-64-0x0000025C9F470000-0x0000025C9F471000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-66-0x0000025C9F480000-0x0000025C9F481000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-67-0x0000025C9F480000-0x0000025C9F481000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2176-41-0x0000025C9F710000-0x0000025C9F711000-memory.dmp

        Filesize

        4KB

        Download