Overview

overview

7

Static

static

7

droidkit-en-setup.exe

windows11-21h2-x64

4

$PLUGINSDI...er.dll

windows11-21h2-x64

3

$PLUGINSDI...Vs.dll

windows11-21h2-x64

3

$PLUGINSDI...ib.dll

windows11-21h2-x64

3

$PLUGINSDIR/Help.ico

windows11-21h2-x64

3

$PLUGINSDIR/Setup.ico

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...up.exe

windows11-21h2-x64

7

$PLUGINSDI...ll.ico

windows11-21h2-x64

3

$PLUGINSDI...00.dll

windows11-21h2-x64

1

$PLUGINSDI...00.dll

windows11-21h2-x64

1

$PLUGINSDIR/nsDui.dll

windows11-21h2-x64

3

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

$PLUGINSDI...ry.dll

windows11-21h2-x64

3

$PLUGINSDI...om.txt

windows11-21h2-x64

3

$PLUGINSDI...ll.exe

windows11-21h2-x64

4

$PLUGINSDI...ll.bmp

windows11-21h2-x64

3

$PLUGINSDI...sh.bmp

windows11-21h2-x64

3

$PLUGINSDIR/bg.bmp

windows11-21h2-x64

3

$PLUGINSDI...se.bmp

windows11-21h2-x64

3

$PLUGINSDI...ep.bmp

windows11-21h2-x64

3

$PLUGINSDI...ze.bmp

windows11-21h2-x64

3

$PLUGINSDI...ct.bmp

windows11-21h2-x64

3

$PLUGINSDI...t1.bmp

windows11-21h2-x64

3

$PLUGINSDI...rt.bmp

windows11-21h2-x64

3

$PLUGINSDI...ll.bmp

windows11-21h2-x64

3

$PLUGINSDI...x1.bmp

windows11-21h2-x64

3

$PLUGINSDI...x2.bmp

windows11-21h2-x64

3

$PLUGINSDI...bg.bmp

windows11-21h2-x64

3

$PLUGINSDI...ll.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    166s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    19-04-2024 12:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/bg.bmp

  • Size

    795KB

  • MD5

    ee369fa57460d020d7a21f32edd0260d

  • SHA1

    e411799a45e926510d302da659c8265d00a42648

  • SHA256

    48087b25d527f22bea6dd55cc6c111a9d44769f795c1a8f6ac3f91fa0a700290

  • SHA512

    410d1cfec73337461adfc77c6ad7fa1032b96f9b07793c7112a190c601755953fc34eb35a0236e2860e67426c644c255f9d67ac119441e2f20b879073333c2ef

  • SSDEEP

    3072:eo4LP8EgN9B0x9DuGngpwQVAwI0VVtomio:ehPc9ODHgpwmAwI0umJ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\bg.bmp
    1⤵
    • Modifies registry class
    PID:2808
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads