Overview

overview

7

Static

static

3

texstudio-...t6.exe

windows7-x64

7

texstudio-...t6.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

1

$PLUGINSDI...gs.dll

windows10-2004-x64

1

D3Dcompiler_47.dll

windows10-2004-x64

1

Qt6Concurrent.dll

windows7-x64

1

Qt6Concurrent.dll

windows10-2004-x64

1

Qt6Core.dll

windows7-x64

1

Qt6Core.dll

windows10-2004-x64

1

Qt6Core5Compat.dll

windows7-x64

1

Qt6Core5Compat.dll

windows10-2004-x64

1

Qt6DBus.dll

windows7-x64

1

Qt6DBus.dll

windows10-2004-x64

1

Qt6Gui.dll

windows7-x64

1

Qt6Gui.dll

windows10-2004-x64

1

Qt6Network.dll

windows7-x64

1

Qt6Network.dll

windows10-2004-x64

1

Qt6PrintSupport.dll

windows7-x64

1

Qt6PrintSupport.dll

windows10-2004-x64

1

Qt6Qml.dll

windows7-x64

1

Qt6Qml.dll

windows10-2004-x64

1

Qt6QmlCore.dll

windows7-x64

1

Qt6QmlCore.dll

windows10-2004-x64

1

Qt6Svg.dll

windows7-x64

1

Qt6Svg.dll

windows10-2004-x64

1

Qt6Widgets.dll

windows7-x64

1

Qt6Widgets.dll

windows10-2004-x64

1

Qt6Xml.dll

windows7-x64

1

Qt6Xml.dll

windows10-2004-x64

1

TexTablet/...ib.dll

windows7-x64

1

Analysis

  • max time kernel
    446s
  • max time network
    456s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/03/2024, 18:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Qt6PrintSupport.dll

  • Size

    439KB

  • MD5

    43aded4fef09d8045443d0cb210608a1

  • SHA1

    d4361d0c7d2d2872d550820ce747cc2408da1592

  • SHA256

    23a766b478dc183357aa8dfbc7ed0978b80d7bbc1f361c5c56e74ef56dca80c3

  • SHA512

    031423f32a5f67d37e8a74aca0f112f6c35fa00584894ffbe9758898910ddd1e3e9a71135c83d67d07c40066b2aa7224caf87f4a4082699cdafa55894838f795

  • SSDEEP

    6144:an9rl8hs82cV2FbfFcOyopexa3alyT5H/uns63l7RCSLRSASc:a9rlGoI2VfcznRR0AH

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Qt6PrintSupport.dll,#1
    1⤵
      PID:2244
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3952
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2676

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2244-0-0x00007FFB07AB0000-0x00007FFB07C76000-memory.dmp

        Filesize

        1.8MB

        Download

      • memory/2244-1-0x00007FFB09D40000-0x00007FFB09DAB000-memory.dmp

        Filesize

        428KB

        Download

      • memory/2244-2-0x00007FFB094B0000-0x00007FFB09D35000-memory.dmp

        Filesize

        8.5MB

        Download

      • memory/2244-4-0x00007FFB085D0000-0x00007FFB08C51000-memory.dmp

        Filesize

        6.5MB

        Download

      • memory/2244-3-0x00007FFB08C60000-0x00007FFB08EA4000-memory.dmp

        Filesize

        2.3MB

        Download

      • memory/2244-5-0x00007FFB08EB0000-0x00007FFB094AA000-memory.dmp

        Filesize

        6.0MB

        Download

      • memory/2244-6-0x00007FFB10680000-0x00007FFB10697000-memory.dmp

        Filesize

        92KB

        Download

      • memory/2244-7-0x00007FFB08490000-0x00007FFB085CC000-memory.dmp

        Filesize

        1.2MB

        Download

      • memory/2244-8-0x00007FFB0A5D0000-0x00007FFB0A5F4000-memory.dmp

        Filesize

        144KB

        Download

      • memory/2244-9-0x00007FFB08440000-0x00007FFB08482000-memory.dmp

        Filesize

        264KB

        Download

      • memory/2244-10-0x00007FFB08370000-0x00007FFB08434000-memory.dmp

        Filesize

        784KB

        Download

      • memory/2244-11-0x00007FFB0A5B0000-0x00007FFB0A5CF000-memory.dmp

        Filesize

        124KB

        Download

      • memory/2244-12-0x00007FFB08350000-0x00007FFB08361000-memory.dmp

        Filesize

        68KB

        Download

      • memory/2244-14-0x00007FFB08310000-0x00007FFB0832A000-memory.dmp

        Filesize

        104KB

        Download

      • memory/2244-16-0x00007FFB08190000-0x00007FFB082AE000-memory.dmp

        Filesize

        1.1MB

        Download

      • memory/2244-15-0x00007FFB082B0000-0x00007FFB08310000-memory.dmp

        Filesize

        384KB

        Download

      • memory/2244-17-0x00007FFB07EA0000-0x00007FFB0816E000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/2244-13-0x00007FFB08330000-0x00007FFB0834E000-memory.dmp

        Filesize

        120KB

        Download

      • memory/2244-18-0x00007FFB07E60000-0x00007FFB07E95000-memory.dmp

        Filesize

        212KB

        Download

      • memory/2244-19-0x00007FFB07CF0000-0x00007FFB07E56000-memory.dmp

        Filesize

        1.4MB

        Download

      • memory/2244-21-0x00007FFB07CD0000-0x00007FFB07CE7000-memory.dmp

        Filesize

        92KB

        Download

      • memory/2244-20-0x00007FFB07CB0000-0x00007FFB07CCA000-memory.dmp

        Filesize

        104KB

        Download

      • memory/2244-22-0x00007FFB07C80000-0x00007FFB07CAC000-memory.dmp

        Filesize

        176KB

        Download

      • memory/2244-24-0x00007FFB07A40000-0x00007FFB07AA9000-memory.dmp

        Filesize

        420KB

        Download

      • memory/2244-23-0x00007FFB07AB0000-0x00007FFB07C76000-memory.dmp

        Filesize

        1.8MB

        Download

      • memory/2244-25-0x00007FFB07A10000-0x00007FFB07A3D000-memory.dmp

        Filesize

        180KB

        Download

      • memory/2244-26-0x00007FFB078F0000-0x00007FFB07A09000-memory.dmp

        Filesize

        1.1MB

        Download

      • memory/2244-27-0x00007FFB05B80000-0x00007FFB078E9000-memory.dmp

        Filesize

        29.4MB

        Download

      • memory/2676-28-0x00000221A3B40000-0x00000221A3B50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2676-44-0x00000221A3C40000-0x00000221A3C50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2676-60-0x00000221ABF70000-0x00000221ABF71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2676-62-0x00000221ABFA0000-0x00000221ABFA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2676-63-0x00000221ABFA0000-0x00000221ABFA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2676-64-0x00000221AC0B0000-0x00000221AC0B1000-memory.dmp

        Filesize

        4KB

        Download