Overview

overview

7

Static

static

3

ui.exe

windows7-x64

7

ui.exe

windows10-2004-x64

3

data/app.so

ubuntu-20.04-amd64

1

data/flutt...st.bin

windows7-x64

3

data/flutt...st.bin

windows10-2004-x64

3

data/flutt...t.json

windows7-x64

3

data/flutt...t.json

windows10-2004-x64

3

data/flutt...t.json

windows7-x64

3

data/flutt...t.json

windows10-2004-x64

3

data/flutt...CES.gz

windows7-x64

3

data/flutt...CES.gz

windows10-2004-x64

7

NOTICES.z

windows7-x64

3

NOTICES.z

windows10-2004-x64

3

data/flutt...er.png

windows7-x64

3

data/flutt...er.png

windows10-2004-x64

3

data/flutt...go.ico

windows7-x64

3

data/flutt...go.ico

windows10-2004-x64

3

data/flutt...go.png

windows7-x64

3

data/flutt...go.png

windows10-2004-x64

3

data/flutt...s.json

windows7-x64

3

data/flutt...s.json

windows10-2004-x64

3

data/flutt...g.json

windows7-x64

3

data/flutt...g.json

windows10-2004-x64

3

data/flutt...ar.otf

windows7-x64

3

data/flutt...ar.otf

windows10-2004-x64

7

data/flutt...ns.ttf

windows7-x64

3

data/flutt...ns.ttf

windows10-2004-x64

7

data/flutt...se.png

windows7-x64

3

data/flutt...se.png

windows10-2004-x64

3

data/flutt...ze.png

windows7-x64

3

data/flutt...ze.png

windows10-2004-x64

3

data/flutt...ze.png

windows7-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    28-04-2024 20:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    data/flutter_assets/assets/Logo.png

  • Size

    369KB

  • MD5

    66b2e231bb458ba990db4264fc33a8a2

  • SHA1

    176089b7928351b306e4f3ffd3f380daebdd77e3

  • SHA256

    f79f963e3252c8955eae8c78d8a2dd082bbb3e4654d464af1124ef40fa5741a6

  • SHA512

    5a9306e0ed1fab63b0a37f62f7baf9ccbd0acb63b97f58d2d9c04c64233acdb020c3364a025ec476c8e06182fcc11d43b89a0127990586c8c53111d5d5c6a07e

  • SSDEEP

    6144:35bzZ54LuEMeSFVqtbNWVoyJAwW+GgKh+7RSphD5TEPiLqsCWDJeJ4+bEmUfoym:ZyQYN5yJsMK8d+1dhCxJ4OEZg1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\data\flutter_assets\assets\Logo.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1824

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1824-0-0x0000000001D70000-0x0000000001D71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/1824-1-0x0000000001D70000-0x0000000001D71000-memory.dmp
    Filesize

    4KB

    Download