privateloader | 5c9f078e9a4f15bda5af2ed8aed826ecfd3e2af0d36458a0a582df8455a23e38 | Triage

Submit
Reports

Overview

overview

Static

static

10307f9873...18.exe

windows7-x64

7

10307f9873...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

4dotsLangu...er.exe

windows7-x64

1

4dotsLangu...er.exe

windows10-2004-x64

1

Free MOV T...al.url

windows7-x64

1

Free MOV T...al.url

windows10-2004-x64

1

FreeMOVToM...er.exe

windows7-x64

1

FreeMOVToM...er.exe

windows10-2004-x64

6

GlowButton.dll

windows7-x64

1

GlowButton.dll

windows10-2004-x64

1

MediaSlider.dll

windows7-x64

1

MediaSlider.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

ffmpeg.exe

windows7-x64

ffmpeg.exe

windows10-2004-x64

license_agreement.rtf

windows7-x64

4

license_agreement.rtf

windows10-2004-x64

1

mplayer.exe

windows7-x64

1

mplayer.exe

windows10-2004-x64

1

Analysis

max time kernel
129s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
03/05/2024, 09:28

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

10307f9873c21ae7ec3f55b6ddc8e0c3_JaffaCakes118.exe

Resource

win7-20240215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

10307f9873c21ae7ec3f55b6ddc8e0c3_JaffaCakes118.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/inetc.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/inetc.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

4dotsLanguageDownloader.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

4dotsLanguageDownloader.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Free MOV To MP3 Converter 4dots - User's Manual.url

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Free MOV To MP3 Converter 4dots - User's Manual.url

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

FreeMOVToMP3Converter.exe

Resource

win7-20240419-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

FreeMOVToMP3Converter.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral17

Sample

GlowButton.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

GlowButton.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

MediaSlider.dll

Resource

win7-20240215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

MediaSlider.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

Uninstall.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral22

Sample

Uninstall.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral23

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

ffmpeg.exe

Resource

win7-20240419-en

privateloader loader

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

ffmpeg.exe

Resource

win10v2004-20240419-en

privateloader loader

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

license_agreement.rtf

Resource

win7-20240215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral28

Sample

license_agreement.rtf

Resource

win10v2004-20240426-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral29

Sample

mplayer.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

mplayer.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

ffmpeg.exe
Size

23.8MB
MD5

fa4c4259ff26da782fc45f48a5e3e7cf
SHA1

8c0bd9037eea294a000558cc1be951161d643bf2
SHA256

0c9ad491564af3316cb7f829dc6b8c800f2921ad2f4fc443e23f43f09322837c
SHA512

7d443cb26954b49df0aaacf671c238567fe975d638549bb7ecc4d9a05c9d2bef655d0e0f2d30ab86498a4d6ede9e33ebda6a0b6075098bbac3513a7eba4ad35d
SSDEEP

393216:4cUtOKBZz6S5rDI4j5TqxoDsPPfhGwQLp0dlHc:4cUtxprJRi

Score

10^/10

privateloader loader

Malware Config

Signatures

PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
loader privateloader

Processes

C:\Users\Admin\AppData\Local\Temp\ffmpeg.exe
"C:\Users\Admin\AppData\Local\Temp\ffmpeg.exe"
1⤵
PID:628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/628-1-0x0000000000401000-0x00000000015A3000-memory.dmp

Filesize
17.6MB

Download
memory/628-0-0x0000000000400000-0x000000000247F000-memory.dmp

Filesize
32.5MB

Download
memory/628-2-0x0000000000400000-0x000000000247F000-memory.dmp

Filesize
32.5MB

Download

© 2018-2025

Terms | Privacy