Overview

overview

8

Static

static

3

Acrylic.exe

windows7-x64

8

Acrylic.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

AcrylicConsole.exe

windows7-x64

1

AcrylicConsole.exe

windows10-2004-x64

1

AcrylicService.exe

windows7-x64

1

AcrylicService.exe

windows10-2004-x64

1

AcrylicUI.exe

windows7-x64

1

AcrylicUI.exe

windows10-2004-x64

1

ActivateAc...og.bat

windows7-x64

1

ActivateAc...og.bat

windows10-2004-x64

1

Deactivate...og.bat

windows7-x64

1

Deactivate...og.bat

windows10-2004-x64

1

InstallAcr...ce.bat

windows7-x64

8

InstallAcr...ce.bat

windows10-2004-x64

8

OpenAcryli...le.bat

windows7-x64

1

OpenAcryli...le.bat

windows10-2004-x64

1

OpenAcryli...le.bat

windows7-x64

1

OpenAcryli...le.bat

windows10-2004-x64

1

PurgeAcryl...ta.bat

windows7-x64

1

PurgeAcryl...ta.bat

windows10-2004-x64

1

RestartAcr...ce.bat

windows7-x64

1

RestartAcr...ce.bat

windows10-2004-x64

1

StartAcryl...ce.bat

windows7-x64

1

StartAcryl...ce.bat

windows10-2004-x64

1

StopAcryli...ce.bat

windows7-x64

1

StopAcryli...ce.bat

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 20:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OpenAcrylicConfigurationFile.bat

  • Size

    71B

  • MD5

    6c0ea3a94f8a1025327cf0e41bc3b12c

  • SHA1

    04b79d32c81d20e79652c5e923473d9636fc497e

  • SHA256

    4e5a2bf6d7df6bd71a1a779cc18f03470eb41b4801f854a0be447c70a5c05c3a

  • SHA512

    0d076b253d37d270174f465aea930c2b76ea68b2eeb463a8775e795c0709a2aa6056493fa1951adc7c2692363073c22ac91566299e380753efed3188c5b07283

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: CmdExeWriteProcessMemorySpam 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\OpenAcrylicConfigurationFile.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Users\Admin\AppData\Local\Temp\AcrylicUI.exe
      AcrylicUI.exe OpenAcrylicConfigurationFile
      2⤵
      • Suspicious behavior: CmdExeWriteProcessMemorySpam
      • Suspicious behavior: EnumeratesProcesses
      PID:1744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1744-0-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1744-1-0x0000000000400000-0x0000000000495000-memory.dmp

    Filesize

    596KB

    Download

  • memory/1744-3-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

    Download