Overview

overview

10

Static

static

3

11a56dab8a...18.exe

windows7-x64

10

11a56dab8a...18.exe

windows10-2004-x64

10

$APPDATA/k...60.dll

windows7-x64

1

$APPDATA/k...60.dll

windows10-2004-x64

1

$APPDATA/k...PN.dll

windows7-x64

1

$APPDATA/k...PN.dll

windows10-2004-x64

1

$APPDATA/k...ms.dll

windows7-x64

1

$APPDATA/k...ms.dll

windows10-2004-x64

1

$APPDATA/k...rt.exe

windows7-x64

1

$APPDATA/k...rt.exe

windows10-2004-x64

1

$APPDATA/t...60.dll

windows7-x64

1

$APPDATA/t...60.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/Holotype.dll

windows7-x64

10

$TEMP/Holotype.dll

windows10-2004-x64

10

$TEMP/publ...60.dll

windows7-x64

1

$TEMP/publ...60.dll

windows10-2004-x64

1

$TEMP/publ...60.dll

windows7-x64

1

$TEMP/publ...60.dll

windows10-2004-x64

1

$TEMP/publ...ce.dll

windows7-x64

1

$TEMP/publ...ce.dll

windows10-2004-x64

1

$TEMP/publ...UI.dll

windows7-x64

1

$TEMP/publ...UI.dll

windows10-2004-x64

1

$TEMP/publ...UI.dll

windows7-x64

1

$TEMP/publ...UI.dll

windows10-2004-x64

1

$TEMP/publ.../gzexe

ubuntu-18.04-amd64

1

$TEMP/publ.../gzexe

debian-9-armhf

1

$TEMP/publ.../gzexe

debian-9-mips

$TEMP/publ.../gzexe

debian-9-mipsel

Analysis

  • max time kernel
    140s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-05-2024 07:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMP/public_ftp/MicrosoftVisualJUpgradeEngineInterface.dll

  • Size

    7KB

  • MD5

    20712da756917c247c0b6b00bb323a92

  • SHA1

    3839d561e4f98f90d1d6927f18da38c52c29487a

  • SHA256

    afae09aa5b7e708b885ad2a54d13db86a7a53b0c1b5b5490e7055ad859f5cc30

  • SHA512

    442e0f6bf9c7857ed74a840c5d12ceffd362e106fafabeb3a6d1db55f82c8ad2cb188c4a97ae1dcbd1c17d8fa0950636c2b3aaa8226bb44eedf4384c2eded9bd

  • SSDEEP

    96:B1ylB3oTgvhx6h2s6CX67RHY8O3mw1NRg2V2Ey2+E/M5dgiL3QN18xv+OKf3zzDn:Ng5whoCgHSVuKi68xWWLbNKOWN

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$TEMP\public_ftp\MicrosoftVisualJUpgradeEngineInterface.dll,#1
    1⤵
      PID:1400

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads