Overview  overview  10
Static  static  3
InstaIler.exe  windows10-1703-x64  10
amsvcp120.dll  windows10-1703-x64  3
dll/libEGL.dll  windows10-1703-x64  1
dll/ssleay32.dll  windows10-1703-x64  1
files/libs...re.dll  windows10-1703-x64  3
files/libs/libEGL.dll  windows10-1703-x64  1
files/libs...32.dll  windows10-1703-x64  1
files/libs...20.dll  windows10-1703-x64  3
files/libs...20.dll  windows10-1703-x64  3
files/libs...sw.dll  windows10-1703-x64  1
files/libs...32.dll  windows10-1703-x64  1
files/libs...it.dll  windows10-1703-x64  1
files/libs/wsepno.dll  windows10-1703-x64  1
files/libs/wshbth.dll  windows10-1703-x64  1
files/libs/wshcon.dll  windows10-1703-x64  7
Analysis
- max time kernel: 123s
- max time network: 138s
- platform: windows10-1703_x64
- resource: win10-20240404-en
- resource tags: arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
- submitted: 25/04/2024, 16:27
Static task: static1
Behavioral task: behavioral1, Sample: InstaIler.exe, Resource: win10-20240404-en
Behavioral task: behavioral2, Sample: amsvcp120.dll, Resource: win10-20240404-en
Behavioral task: behavioral3, Sample: dll/libEGL.dll, Resource: win10-20240404-en
Behavioral task: behavioral4, Sample: dll/ssleay32.dll, Resource: win10-20240404-en
Behavioral task: behavioral5, Sample: files/libs/Qt5Core.dll, Resource: win10-20240404-en
Behavioral task: behavioral6, Sample: files/libs/libEGL.dll, Resource: win10-20240404-en
Behavioral task: behavioral7, Sample: files/libs/libeay32.dll, Resource: win10-20240404-en
Behavioral task: behavioral8, Sample: files/libs/msvcp120.dll, Resource: win10-20240404-en
Behavioral task: behavioral9, Sample: files/libs/msvcr120.dll, Resource: win10-20240404-en
Behavioral task: behavioral10, Sample: files/libs/opengl32sw.dll, Resource: win10-20240404-en
Behavioral task: behavioral11, Sample: files/libs/ssleay32.dll, Resource: win10-20240404-en
Behavioral task: behavioral12, Sample: files/libs/wsecedit.dll, Resource: win10-20240404-en
Behavioral task: behavioral13, Sample: files/libs/wsepno.dll, Resource: win10-20240404-en
Behavioral task: behavioral14, Sample: files/libs/wshbth.dll, Resource: win10-20240404-en
Behavioral task: behavioral15, Sample: files/libs/wshcon.dll, Resource: win10-20240404-en
General
- Target: files/libs/wshcon.dll
- Size: 24KB
- MD5: 6ed26eb99845c26452cc761b644d31b7
- SHA1: 48a260c424d8de906d8f30f2ab65e776a05827a7
- SHA256: 7e2f590e58a32873864f44ccb5d43547970a7ee8437667736e00460ead96a23f
- SHA512: f2ccee91a8010b8fa9a9610ae6f8c5093c1d002f36ca0a6e41750b5672358659fb72626713537949fc4f3f741efb332dac5f759b7dc1b27029122f04a2330b36
- SSDEEP: 768:0tfil4NzBq+vRNw4DXAhiAaTpyAWaFnx5RFYi2:kBq+vbw2XAhiAaTUXaNxXFYi2
Malware Config
Signatures
- Registers COM server for autorun (1 TTPs, 1 IoCs)
  description | ioc | Process
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\InprocServer32 | regsvr32.exe
- Modifies registry class (13 IoCs)
  description | ioc | Process
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WSHController | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\TypeLib | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\ProgID | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WSHController\CLSID | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{563DC060-B09A-11D2-A24D-00104BD35090} | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\Version | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{563DC060-B09A-11D2-A24D-00104BD35090}\1.0 | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\InprocServer32 | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090}\Implemented Categories | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{563DC060-B09A-11D2-A24D-00104BD35090}\1.0\HELPDIR | regsvr32.exe
  Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{563DC062-B09A-11D2-A24D-00104BD35090} | regsvr32.exe