ca8330387842d2606aaddbaff7f2c860f16d822650d07a0e3f3cce23fb2a702d | Triage

Submit
Reports

Overview

overview

7

Static

static

7

DesktopSpr...2K.exe

windows7-x64

7

DesktopSpr...2K.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

CheckUpdate.exe

windows7-x64

7

CheckUpdate.exe

windows10-2004-x64

7

DesktopSprite.exe

windows7-x64

7

DesktopSprite.exe

windows10-2004-x64

7

GdiPlus.dll

windows7-x64

3

GdiPlus.dll

windows10-2004-x64

3

Res/Note/d...oad.js

windows7-x64

1

Res/Note/d...oad.js

windows10-2004-x64

1

mycaca.exe

windows7-x64

1

mycaca.exe

windows10-2004-x64

1

$PROGRAM_F...rX.dll

windows7-x64

7

$PROGRAM_F...rX.dll

windows10-2004-x64

7

$PROGRAM_F...ce.exe

windows7-x64

1

$PROGRAM_F...ce.exe

windows10-2004-x64

1

skins/�...oad.js

windows7-x64

1

skins/�...oad.js

windows10-2004-x64

1

skins/�...gka.js

windows7-x64

1

skins/�...gka.js

windows10-2004-x64

1

skins/�...gka.js

windows7-x64

1

skins/�...gka.js

windows10-2004-x64

1

skins/�...gka.js

windows7-x64

1

skins/�...gka.js

windows10-2004-x64

1

skins/�...Set.js

windows7-x64

1

skins/�...Set.js

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

max time kernel
139s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
16/03/2024, 11:34

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

DesktopSpriteV4.1_2K.exe

Resource

win7-20240220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

DesktopSpriteV4.1_2K.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

CheckUpdate.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

CheckUpdate.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

DesktopSprite.exe

Resource

win7-20240221-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral10

Sample

DesktopSprite.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral11

Sample

GdiPlus.dll

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

GdiPlus.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

Res/Note/default/OnLoad.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Res/Note/default/OnLoad.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

mycaca.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

mycaca.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll

Resource

win7-20240221-en

adware bootkit persistence stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral18

Sample

$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll

Resource

win10v2004-20240226-en

adware bootkit persistence stealer

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral19

Sample

$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduService.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduService.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

skins/ǩ/Onload.js

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

skins/ǩ/Onload.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

skins/ʱ/ľʱ/OnSettingka.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

skins/ʱ/ľʱ/OnSettingka.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

skins/ʱ/԰ʱ/OnSettingka.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

skins/ʱ/԰ʱ/OnSettingka.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

skins/ʱ/Զ嵹ʱ/OnSettingka.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

skins/ʱ/Զ嵹ʱ/OnSettingka.js

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

skins///OnSet.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

skins///OnSet.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

uninst.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral32

Sample

uninst.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

4 signatures

150 seconds

Report Analysis Logs

General

Target

skins/ǩ/Onload.js
Size

14KB
MD5

4bc153570f1ba09847ad05898472998e
SHA1

eecccddc06eef93ff9d661536e64d248bdc4a1ab
SHA256

853c6a700398cbda3be1558a8f664a4f06e642734f9233dbd1af7346b9173343
SHA512

cd24252fa56d8d8739aeb7f7cd0ecd4dcfb34e0992812e726ef7764ab64c35fdf9659d17ecd54b3f6703c5341f3fe5a40f10cfc85748bf759d08ac7346156bb9
SSDEEP

384:l1SY0fqViHVhEAQO2CX92RobUM1e7uKuyaUVuakW56GjR:l4YuqViHV+AQO2CIRNM1e7tjjR

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\skins\ǩ\Onload.js
1⤵
PID:2148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy