Overview

overview

7

Static

static

3

mkvtoolnix...up.exe

windows7-x64

7

mkvtoolnix...up.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

cygz.dll

windows7-x64

3

cygz.dll

windows10-2004-x64

3

doc/base64tool.html

windows7-x64

1

doc/base64tool.html

windows10-2004-x64

1

doc/mkvextract.html

windows7-x64

1

doc/mkvextract.html

windows10-2004-x64

1

doc/mkvinfo.html

windows7-x64

1

doc/mkvinfo.html

windows10-2004-x64

1

doc/mkvmerge-gui.html

windows7-x64

1

doc/mkvmerge-gui.html

windows10-2004-x64

1

doc/mkvmerge.html

windows7-x64

1

doc/mkvmerge.html

windows10-2004-x64

1

doc/mmg.html

windows7-x64

1

doc/mmg.html

windows10-2004-x64

1

libcharset.dll

windows7-x64

1

libcharset.dll

windows10-2004-x64

1

libebml.dll

windows7-x64

3

libebml.dll

windows10-2004-x64

3

libiconv.dll

windows7-x64

3

libiconv.dll

windows10-2004-x64

3

libmatroska.dll

windows7-x64

1

libmatroska.dll

windows10-2004-x64

3

mkvextract.exe

windows7-x64

1

mkvextract.exe

windows10-2004-x64

1

mkvinfo.exe

windows7-x64

1

mkvinfo.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/04/2024, 00:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mkvtoolnix-unicode-2.4.1-setup.exe

  • Size

    3.9MB

  • MD5

    30c9d4c5f07eff00d9328dfe5cc56f84

  • SHA1

    aa2cebf70d782e6a7d55bc04fd634a65ba598735

  • SHA256

    a8ee40b45468213a4039d2f1c62bc0508c8aac6108697b22b49d793cd325bf7f

  • SHA512

    d19403c917ad61f2cf3514f7d49a8ac68df27664b49222a7f36d723cb9c3bb88cab334d957cf5f1ba8935d0a643a36d517cb63983efb7478bbad178197ea4b5d

  • SSDEEP

    98304:c0D/qAo6+hCIwMmtVnBtqluc7zMb1zjzSkEwYo8pwCw8lLY:ckS3xCpMmtVn+luccBDELw3

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\mkvtoolnix-unicode-2.4.1-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\mkvtoolnix-unicode-2.4.1-setup.exe"
    1⤵
    • Loads dropped DLL
    PID:1560

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsa7AFE.tmp\InstallOptions.dll
    Filesize

    16KB

    MD5

    81d523c4efc5d93891c76e90ec740089

    SHA1

    4d8e7eb2702086d5ca7b9ed4e2ba29dd2409a380

    SHA256

    62f96f93647ab30a7ee7a545e787084169f890a693f9fc5a8775143008aa6254

    SHA512

    52229a466aee9929cd47bffd763b96a7bc1aa394651593e1738e339ba64d2bac1a8148ff3f4f69911a7786cb717932175fdd136879c38fb1234b28def9ed357c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsa7AFE.tmp\ioSpecial.ini
    Filesize

    700B

    MD5

    784b36bc3b56c321ca8c5f0bbbbb293c

    SHA1

    b568204ed1ab7414e06023a7ca43fbd2b1be4915

    SHA256

    06249e905287cb462f74b635c6adef2cc8863a643ccf6e227089f13489323a4d

    SHA512

    6394a521da4da1552dde715227ca7f6ebf27944e723c1c9533ed90b9c1aaa115f99edc73670184becdf5db4ac610d568b52afdf3b9c8d52b2994cdb597ee0113

    Download Submit

  • memory/1560-76-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1560-77-0x000000006AF00000-0x000000006AF0D000-memory.dmp

    Filesize

    52KB

    Download