7d69e0d82e74059115486fae5dd5ac6463c7fccd91dbbcaa9587117c7d201ddb

Submit
Reports

Overview

overview

Static

static

0490e8427a...c7.elf

ubuntu-18.04-amd64

0490e8427a...c7.elf

debian-9-armhf

0490e8427a...c7.elf

debian-9-mips

0490e8427a...c7.elf

debian-9-mipsel

068428a4ac...26.exe

windows7-x64

068428a4ac...26.exe

windows10-2004-x64

087421ac22...94.elf

debian-9-mipsel

0c4791a6b4...ea.elf

debian-9-armhf

0d9bd2ae2e...ea.exe

windows7-x64

0d9bd2ae2e...ea.exe

windows10-2004-x64

0fa00d4f4f...70.dll

windows7-x64

0fa00d4f4f...70.dll

windows10-2004-x64

10de02fec8...d1.bat

windows7-x64

10de02fec8...d1.bat

windows10-2004-x64

1157191701...32.exe

windows7-x64

1157191701...32.exe

windows10-2004-x64

16e81343ec...a5.exe

windows7-x64

16e81343ec...a5.exe

windows10-2004-x64

17691f0962...b7.elf

debian-9-mipsel

17c24104e8...12.exe

windows7-x64

17c24104e8...12.exe

windows10-2004-x64

$PLUGINSDI...ol.dll

windows7-x64

$PLUGINSDI...ol.dll

windows10-2004-x64

$PLUGINSDI...ss.dll

windows7-x64

$PLUGINSDI...ss.dll

windows10-2004-x64

CommandPost.exe

windows7-x64

CommandPost.exe

windows10-2004-x64

Uninstall.exe

windows7-x64

Uninstall.exe

windows10-2004-x64

$PLUGINSDI...ss.dll

windows7-x64

$PLUGINSDI...ss.dll

windows10-2004-x64

1816cd993d...28.exe

windows7-x64

Resubmissions

22-04-2024 22:02

240422-1xtwbagh68 10

22-04-2024 19:25

240422-x42b7afa68 10

19-04-2024 03:02

240419-djmthsfh8w 10

Analysis

max time kernel
128s
max time network
44s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
19-04-2024 03:02

Sharing

Copy URL

Twitter E-mail

Static task

static1

37 signatures

Behavioral task

behavioral1

Sample

0490e8427ac66951389e11dbd990c19cb1ee43102c33935b12db6a4eca7717c7.elf

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

0490e8427ac66951389e11dbd990c19cb1ee43102c33935b12db6a4eca7717c7.elf

Resource

debian9-armhf-20240226-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

0490e8427ac66951389e11dbd990c19cb1ee43102c33935b12db6a4eca7717c7.elf

Resource

debian9-mipsbe-20240226-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

0490e8427ac66951389e11dbd990c19cb1ee43102c33935b12db6a4eca7717c7.elf

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

087421ac222e935579dfd3b7a5120451fd9d9a663d3d1872c04b6154b238c894.elf

Resource

debian9-mipsel-20240226-en

adwind asyncrat dcrat gafgyt mirai redline sectoprat xworm zgrat cheat mirai sora botnet infostealer rat trojan upx

debian-9-mipsel

19 signatures

150 seconds

Behavioral task

behavioral8

Sample

0c4791a6b47491a0c43cea0ba54357e391a3c8b23aa28025489bbe43bb9ea6ea.elf

Resource

debian9-armhf-20240226-en

mirai sora botnet

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

0d9bd2ae2e4b023047b6c08684e9e5daae76e31cced4c3fdf4640136245f7eea.exe

Resource

win7-20240221-en

snakekeylogger collection keylogger stealer upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral10

Sample

0d9bd2ae2e4b023047b6c08684e9e5daae76e31cced4c3fdf4640136245f7eea.exe

Resource

win10v2004-20240412-en

upx

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

0fa00d4f4f8e8449883aef7f0459a0fb754d57d55af2b41f5e445f867000fa70.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

0fa00d4f4f8e8449883aef7f0459a0fb754d57d55af2b41f5e445f867000fa70.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

10de02fec8ac3edbf1398e6dd43ddec95a89e0499e1e865a7d9e5289fb2b31d1.bat

Resource

win7-20240319-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

10de02fec8ac3edbf1398e6dd43ddec95a89e0499e1e865a7d9e5289fb2b31d1.bat

Resource

win10v2004-20240412-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

11571917015adbf3b5196509e1082c8d415f011cce88bd8b16e9d9c5a39ac432.exe

Resource

win7-20240221-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral16

Sample

11571917015adbf3b5196509e1082c8d415f011cce88bd8b16e9d9c5a39ac432.exe

Resource

win10v2004-20240412-en

lumma stealer

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral17

Sample

16e81343ecea6082d76bf1ab26818c3bf56929c92468fae8837c6384b62d05a5.exe

Resource

win7-20231129-en

collection spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral18

Sample

16e81343ecea6082d76bf1ab26818c3bf56929c92468fae8837c6384b62d05a5.exe

Resource

win10v2004-20240226-en

collection spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral19

Sample

17691f0962027e7110f727ae997f8af5885dd783674d1db023d467ec478515b7.elf

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

17c24104e8e5350eeb7e2a162dec3f6a4d6c70f3f0849e6346fd383d998dcc12.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

17c24104e8e5350eeb7e2a162dec3f6a4d6c70f3f0849e6346fd383d998dcc12.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

$PLUGINSDIR/AccessControl.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

$PLUGINSDIR/AccessControl.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win7-20240319-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

CommandPost.exe

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral27

Sample

CommandPost.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

Uninstall.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral29

Sample

Uninstall.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

1816cd993ddda970b791b090e6ecb501ef923bdcc0cc5f4a99e18dcdb7093228.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Report Analysis Logs

General

Target

068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26.exe
Size

2.7MB
MD5

853a9918a66c6de88c9d8577726f2605
SHA1

36b6e43bcd91cdb0ca35c48a3b8644ba0d51f305
SHA256

068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26
SHA512

7980da87d70698ea26bf2109174cdbad041ff1c35ef19beb29985fa6a9ffeaa17df920b7ad9331700863cf7cc7b492e06fa1b9ff06a35e14779b742559d04489
SSDEEP

24576:W0FRFbz9JmGF6uabHxZ2/AVWcE1+APcSs+x4HRjcKx+Afz0bRK+m4pGAhiBLqx7I:Wc5/mGJae/AJcBPcRjcA+AYDZLx7acT

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26.exe
"C:\Users\Admin\AppData\Local\Temp\068428a4acb65807251b3b4c0aee2101519fdaebf6db5376863da5add3471f26.exe"
1⤵
PID:1648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1648-0-0x000000013FC80000-0x000000013FF93000-memory.dmp

Filesize
3.1MB

Download