0db9ac02645846b5033b403a818544371046214bfedef7e70d44f5f825713c00 | Triage

Submit
Reports

Overview

overview

3

Static

static

3

0db9ac0264...00.exe

windows7-x64

3

0db9ac0264...00.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

7z.dll

windows7-x64

3

7z.dll

windows10-2004-x64

3

7z.exe

windows7-x64

1

7z.exe

windows10-2004-x64

1

WeaselDeployer.exe

windows7-x64

1

WeaselDeployer.exe

windows10-2004-x64

1

WeaselServer.exe

windows7-x64

1

WeaselServer.exe

windows10-2004-x64

1

WinSparkle.dll

windows7-x64

1

WinSparkle.dll

windows10-2004-x64

1

curl.exe

windows7-x64

1

curl.exe

windows10-2004-x64

1

rime-insta...ig.bat

windows7-x64

1

rime-insta...ig.bat

windows10-2004-x64

1

rime-install.bat

windows7-x64

1

rime-install.bat

windows10-2004-x64

1

rime.dll

windows7-x64

1

rime.dll

windows10-2004-x64

1

start_service.bat

windows7-x64

1

start_service.bat

windows10-2004-x64

1

stop_service.bat

windows7-x64

1

stop_service.bat

windows10-2004-x64

1

weasel.dll

windows7-x64

1

weasel.dll

windows10-2004-x64

1

weasel.dll

windows7-x64

3

weasel.dll

windows10-2004-x64

3

Analysis

max time kernel
143s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
26-03-2024 08:59

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0db9ac02645846b5033b403a818544371046214bfedef7e70d44f5f825713c00.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0db9ac02645846b5033b403a818544371046214bfedef7e70d44f5f825713c00.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240319-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

7z.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

7z.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

7z.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

7z.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

WeaselDeployer.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

WeaselDeployer.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

WeaselServer.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

WeaselServer.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

WinSparkle.dll

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

WinSparkle.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

curl.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

curl.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

rime-install-config.bat

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

rime-install-config.bat

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

rime-install.bat

Resource

win7-20240319-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

rime-install.bat

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

rime.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

rime.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

start_service.bat

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

start_service.bat

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

stop_service.bat

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

stop_service.bat

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

weasel.dll

Resource

win7-20240220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

weasel.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

weasel.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

weasel.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

curl.exe
Size

3.4MB
MD5

d9ea512ee580ecffee587a4c3759527f
SHA1

b91480398b8820436b6634421d5af628e482b890
SHA256

4c493f7dc51a50bbe139993cdb1267dd1f7a33020df9075ecd7d28fdce9ec63f
SHA512

ba212d929e7ee9478ff141f36950673eabcb31f71c39818d3f6a0a6f7ab57e2676445d815baf6bc5f97477b4c8d6cbcc07f8051b87cfe800924064b5989ce7c4
SSDEEP

98304:Q61JrfvgRnMoHNNbwH3MhrHAGeEyU/4BiCklNl5tj0Qh+Pw/YlAKGC9eX2nuZHz7:/rfvgRMoHNNbwH3eTeEyU/4BiCklNl5D

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\curl.exe
"C:\Users\Admin\AppData\Local\Temp\curl.exe"
1⤵
PID:2436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2436-0-0x00000000007B0000-0x0000000000B23000-memory.dmp

Filesize
3.4MB

Download

© 2018-2025

Terms | Privacy