Overview

overview

9

Static

static

9

31e8dda13e...14.exe

windows7-x64

8

31e8dda13e...14.exe

windows10-2004-x64

8

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$SYSDIR/36...er.dll

windows7-x64

1

$SYSDIR/36...er.dll

windows10-2004-x64

1

$SYSDIR/36...pw.dll

windows7-x64

1

$SYSDIR/36...pw.dll

windows10-2004-x64

1

$SYSDIR/Qt...in.dll

windows7-x64

1

$SYSDIR/Qt...in.dll

windows10-2004-x64

1

$SYSDIR/Qt...in.dll

windows7-x64

1

$SYSDIR/Qt...in.dll

windows10-2004-x64

1

$SYSDIR/Qt...in.dll

windows7-x64

1

$SYSDIR/Qt...in.dll

windows10-2004-x64

1

$SYSDIR/Qt...ng.dll

windows7-x64

1

$SYSDIR/Qt...ng.dll

windows10-2004-x64

1

$SYSDIR/Qt...ls.dll

windows7-x64

1

$SYSDIR/Qt...ls.dll

windows10-2004-x64

1

$SYSDIR/Qt...pt.dll

windows7-x64

1

$SYSDIR/Qt...pt.dll

windows10-2004-x64

1

$SYSDIR/Qt...s2.dll

windows7-x64

1

$SYSDIR/Qt...s2.dll

windows10-2004-x64

1

$SYSDIR/Qt...ts.dll

windows7-x64

1

$SYSDIR/Qt...ts.dll

windows10-2004-x64

1

$SYSDIR/Qt...rt.dll

windows7-x64

1

$SYSDIR/Qt...rt.dll

windows10-2004-x64

1

$SYSDIR/Qt5Svg.dll

windows7-x64

1

$SYSDIR/Qt5Svg.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-06-2024 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SYSDIR/Qt/labs/settings/qmlsettingsplugin.dll

  • Size

    36KB

  • MD5

    33b2530c33708b928c93ad00f762b0e1

  • SHA1

    f22c8871395acd0311fe8bae8b469e214d546ead

  • SHA256

    0c9913f95e28ae805297021095532bd72ddc6f42e29307a060f2a502110b7e8d

  • SHA512

    567c64f159e280c5be2f51b3072ae80fea5f0048a4f4b4b4978b74670372166a3286d92de14410c8e1e34a583c44226a85903cd9b0f22bff039f8becf1c72d76

  • SSDEEP

    768:eo7BK1Ha15mcMzIvW8mewzxpoGa1ohnvyEgPURdDGMFFjUf2hE/:N7BK1Ha15mr0mew9poGa1o9vyEgPIfT6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Qt\labs\settings\qmlsettingsplugin.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$SYSDIR\Qt\labs\settings\qmlsettingsplugin.dll,#1
      2⤵
        PID:4584

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads