7270e81ff76322c4fe062d629051d369e6cf8d7bbe86f226c662daea1e7fbd9b

Submit
Reports

Overview

overview

Static

static

MonoBleedi...tor.js

windows10-2004-x64

MonoBleedi...tor.js

windows10-2004-x64

Theory of ...ng.exe

windows10-2004-x64

Theory of ...er.dll

windows10-2004-x64

Theory of ...gc.dll

windows10-2004-x64

Theory of ...tor.js

windows10-2004-x64

Theory of ...tor.js

windows10-2004-x64

Theory of ...tor.js

windows10-2004-x64

Theory of ...ng.exe

windows10-2004-x64

Theory of ...rp.dll

windows10-2004-x64

Theory of ...ty.dll

windows10-2004-x64

Theory of ...on.dll

windows10-2004-x64

Theory of ...on.dll

windows10-2004-x64

Theory of ...re.dll

windows10-2004-x64

Theory of ...ta.dll

windows10-2004-x64

Theory of ...ce.dll

windows10-2004-x64

Theory of ...ng.dll

windows10-2004-x64

Theory of ...es.dll

windows10-2004-x64

Theory of ...ns.dll

windows10-2004-x64

Theory of ...em.dll

windows10-2004-x64

Theory of ...on.dll

windows10-2004-x64

Theory of ...tp.dll

windows10-2004-x64

Theory of ...cs.dll

windows10-2004-x64

Theory of ...ml.dll

windows10-2004-x64

Theory of ...on.dll

windows10-2004-x64

Theory of ...ls.dll

windows10-2004-x64

Theory of ...ns.dll

windows10-2004-x64

Theory of ...nq.dll

windows10-2004-x64

Theory of ...nt.dll

windows10-2004-x64

Theory of ...ml.dll

windows10-2004-x64

Theory of ...em.dll

windows10-2004-x64

Theory of ...me.dll

windows10-2004-x64

Analysis

max time kernel
1790s
max time network
1799s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14-05-2024 12:29

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.js

Resource

win10v2004-20240426-en

execution

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral2

Sample

MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.js

Resource

win10v2004-20240426-en

execution pyinstaller spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral3

Sample

Theory of Everything.exe

Resource

win10v2004-20240508-en

spyware

windows10-2004-x64

12 signatures

1800 seconds

Behavioral task

behavioral4

Sample

Theory of Everything_Data/MonoBleedingEdge/EmbedRuntime/MonoPosixHelper.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

Theory of Everything_Data/MonoBleedingEdge/EmbedRuntime/mono-2.0-bdwgc.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

Theory of Everything_Data/MonoBleedingEdge/etc/mono/2.0/DefaultWsdlHelpGenerator.js

Resource

win10v2004-20240226-en

execution

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral7

Sample

Theory of Everything_Data/MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.js

Resource

win10v2004-20240426-en

execution

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral8

Sample

Theory of Everything_Data/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.js

Resource

win10v2004-20240508-en

execution

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral9

Sample

Theory of Everything_Data/Theory of Everything.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral10

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/Assembly-CSharp.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/Mono.Security.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.ComponentModel.Composition.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Configuration.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Core.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Data.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Diagnostics.StackTrace.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Drawing.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.EnterpriseServices.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Globalization.Extensions.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.IO.Compression.FileSystem.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.IO.Compression.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Net.Http.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Numerics.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Runtime.Serialization.Xml.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Runtime.Serialization.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.ServiceModel.Internals.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Transactions.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral28

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Xml.Linq.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Xml.XPath.XDocument.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral30

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Xml.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral31

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/System.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral32

Sample

Theory of Everything_Data/Theory of Everything_Data/Managed/Unity.2D.Animation.Runtime.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

Theory of Everything_Data/Theory of Everything_Data/Managed/System.Drawing.dll
Size

180KB
MD5

1afff3a67c365aed5c2603e9c69d8c51
SHA1

9a95855ddf016638e72c3bba8749823969fcd9e7
SHA256

41d7f9907c43d1c9dda3cd4a9eda76c836dcc7daf7f657ba993f6b6d9c146ae1
SHA512

9252dba52939c852f8377a58b2f0ff673775f409f41d5efb463c50cde72da8d1c6ef595f3d1ef94db3351d3b41a66711dc6ed299a8fd1b5a880c04af25614c7a
SSDEEP

3072:EigawrUmay+yV3XOe3QpYbh+q6FR3F7lx:v2VnOppYbh9Oxl

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Theory of Everything_Data\Theory of Everything_Data\Managed\System.Drawing.dll",#1
1⤵
PID:1780

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1416,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=4648 /prefetch:8
1⤵
PID:4100

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads