Overview

overview

7

Static

static

3

texstudio-...t6.exe

windows7-x64

7

texstudio-...t6.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

1

$PLUGINSDI...gs.dll

windows10-2004-x64

1

D3Dcompiler_47.dll

windows10-2004-x64

1

Qt6Concurrent.dll

windows7-x64

1

Qt6Concurrent.dll

windows10-2004-x64

1

Qt6Core.dll

windows7-x64

1

Qt6Core.dll

windows10-2004-x64

1

Qt6Core5Compat.dll

windows7-x64

1

Qt6Core5Compat.dll

windows10-2004-x64

1

Qt6DBus.dll

windows7-x64

1

Qt6DBus.dll

windows10-2004-x64

1

Qt6Gui.dll

windows7-x64

1

Qt6Gui.dll

windows10-2004-x64

1

Qt6Network.dll

windows7-x64

1

Qt6Network.dll

windows10-2004-x64

1

Qt6PrintSupport.dll

windows7-x64

1

Qt6PrintSupport.dll

windows10-2004-x64

1

Qt6Qml.dll

windows7-x64

1

Qt6Qml.dll

windows10-2004-x64

1

Qt6QmlCore.dll

windows7-x64

1

Qt6QmlCore.dll

windows10-2004-x64

1

Qt6Svg.dll

windows7-x64

1

Qt6Svg.dll

windows10-2004-x64

1

Qt6Widgets.dll

windows7-x64

1

Qt6Widgets.dll

windows10-2004-x64

1

Qt6Xml.dll

windows7-x64

1

Qt6Xml.dll

windows10-2004-x64

1

TexTablet/...ib.dll

windows7-x64

1

Analysis

  • max time kernel
    447s
  • max time network
    456s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-03-2024 18:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Qt6QmlCore.dll

  • Size

    143KB

  • MD5

    866b9554bfb48cc945c7ab28d3b99edb

  • SHA1

    df7faf8dabe44f144dd7235ae813bf3832e49d55

  • SHA256

    1753ac247df706d70988cfb786dd55cbe283574e262f8d306da535cd21a08ad0

  • SHA512

    540171e35f2d265df5bdcff471cac98658b31b07b277dad25aa265eb2258c0e8fdeef5d9f1846162da7205751cda5a0d54b706b565397b4cca2da2637707e7c1

  • SSDEEP

    3072:fglM8L4RRP3I0VWtCv/obT/I4FHyR1LJ5a31DO2mlLBwIoI2:fuW5BAbT/I4FHO1LJ5I1DO2mlLBwIoI2

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Qt6QmlCore.dll,#1
    1⤵
      PID:1360
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2460
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3548

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        a1bb9816110cc5c8abee69fa6545e0d8

        SHA1

        917abb94b116926df35ead43378015e006c98747

        SHA256

        66320d46d59091f7172b381a4aca10e3168866bf87431f0ca5165355d970596d

        SHA512

        23af8a07c7e5415ed7d1f6ab3f8a1fcb38de44130f8746b3755edf93034c6db668ba224dee8db0efdf1380e5262fc84cf8a213558257362f207ec695ae80b94b

        Download Submit

      • memory/1360-0-0x00007FF831160000-0x00007FF831326000-memory.dmp

        Filesize

        1.8MB

        Download

      • memory/3548-42-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-34-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-43-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-35-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-36-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-37-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-38-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-39-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-45-0x0000025775CF0000-0x0000025775CF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-41-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-69-0x0000025775F40000-0x0000025775F41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-33-0x0000025775FA0000-0x0000025775FA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-40-0x0000025775FD0000-0x0000025775FD1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-44-0x0000025775D00000-0x0000025775D01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-47-0x0000025775D00000-0x0000025775D01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-50-0x0000025775CF0000-0x0000025775CF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-53-0x000002576D3E0000-0x000002576D3E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-1-0x000002576DA40000-0x000002576DA50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3548-65-0x0000025775E20000-0x0000025775E21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-68-0x0000025775E30000-0x0000025775E31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-67-0x0000025775E30000-0x0000025775E31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3548-17-0x000002576DB40000-0x000002576DB50000-memory.dmp

        Filesize

        64KB

        Download