Overview

overview

7

Static

static

7

Hone - Installer.exe

windows10-1703-x64

4

$PLUGINSDI...ics.js

windows10-1703-x64

1

$PLUGINSDI...nds.js

windows10-1703-x64

1

$PLUGINSDI...ies.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...der.js

windows10-1703-x64

1

$PLUGINSDI...ils.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ate.js

windows10-1703-x64

1

$PLUGINSDI...ler.js

windows10-1703-x64

1

$PLUGINSDI...s.html

windows10-1703-x64

4

$PLUGINSDI...et.dll

windows10-1703-x64

1

$PLUGINSDI...ss.dll

windows10-1703-x64

3

$PLUGINSDI...7z.dll

windows10-1703-x64

7

$PLUGINSDI...64.dll

windows10-1703-x64

1

$PLUGINSDIR/uac.dll

windows10-1703-x64

3

$PLUGINSDIR/utils.dll

windows10-1703-x64

3

$PLUGINSDI...rp.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    82s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19-03-2024 22:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/nsis7z.dll

  • Size

    90KB

  • MD5

    5f7b4898b3521b24eb3e8004e15265c8

  • SHA1

    da36c65df89f8703cf36ee3834c161b1c3631c1d

  • SHA256

    31ab3aace28272f7b4c5411344fe6f4b5e80e51fe0c5a1628b319b0e02a6a93a

  • SHA512

    48d00d650416a3434013ffd3196045b9fa714e7342acb714e40b8dff65e3a07567aba4a414e8c1173666a8084aebb64f037f05d11ef40ed17539f6592689758c

  • SSDEEP

    1536:94Xm0KD49p7B8vri9UX0X8oX03ZY5LUDuXfAw3RlePlEDyWHci+nouy8Qc3h107z:94W0KMrKri9UX0X8Z365LUqXYwBleqlJ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsis7z.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1600
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsis7z.dll,#1
      2⤵
        PID:928
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 928 -s 616
          3⤵
          • Program crash
          PID:2128

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/928-0-0x0000000010000000-0x0000000010036000-memory.dmp

      Filesize

      216KB

      Download

    • memory/928-1-0x0000000010000000-0x0000000010036000-memory.dmp

      Filesize

      216KB

      Download

    • memory/928-12-0x0000000010000000-0x0000000010036000-memory.dmp

      Filesize

      216KB

      Download