Overview
overview
7Static
static
3f62712e793...bb.exe
windows7-x64
7f62712e793...bb.exe
windows10-2004-x64
7$PLUGINSDI...re.dll
windows7-x64
1$PLUGINSDI...re.dll
windows10-2004-x64
3$PLUGINSDI...ui.dll
windows7-x64
1$PLUGINSDI...ui.dll
windows10-2004-x64
1$PLUGINSDI...rk.dll
windows7-x64
3$PLUGINSDI...rk.dll
windows10-2004-x64
3$PLUGINSDI...vg.dll
windows7-x64
3$PLUGINSDI...vg.dll
windows10-2004-x64
3$PLUGINSDI...ts.dll
windows7-x64
3$PLUGINSDI...ts.dll
windows10-2004-x64
3$PLUGINSDI...40.dll
windows7-x64
3$PLUGINSDI...40.dll
windows10-2004-x64
3$PLUGINSDI...on.dll
windows7-x64
1$PLUGINSDI...on.dll
windows10-2004-x64
1$PLUGINSDI...if.dll
windows7-x64
1$PLUGINSDI...if.dll
windows10-2004-x64
1$PLUGINSDI...ns.dll
windows7-x64
1$PLUGINSDI...ns.dll
windows10-2004-x64
1$PLUGINSDI...co.dll
windows7-x64
1$PLUGINSDI...co.dll
windows10-2004-x64
1$PLUGINSDI...eg.dll
windows7-x64
1$PLUGINSDI...eg.dll
windows10-2004-x64
1$PLUGINSDI...vg.dll
windows7-x64
1$PLUGINSDI...vg.dll
windows10-2004-x64
1$PLUGINSDI..._1.dll
windows7-x64
1$PLUGINSDI..._1.dll
windows10-2004-x64
3$PLUGINSDI..._1.dll
windows7-x64
1$PLUGINSDI..._1.dll
windows10-2004-x64
1$PLUGINSDI...40.dll
windows7-x64
3$PLUGINSDI...40.dll
windows10-2004-x64
3Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
07/06/2024, 10:33
Static task
static1
Behavioral task
behavioral1
Sample
f62712e793e7109552e2cb9c1a57c269be95eb4be1226c5d5ea481229d513ebb.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral2
Sample
f62712e793e7109552e2cb9c1a57c269be95eb4be1226c5d5ea481229d513ebb.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/Qt5Core.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/Qt5Core.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/Qt5Gui.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/Qt5Gui.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/Qt5Network.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/Qt5Network.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$PLUGINSDIR/Qt5Svg.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral10
Sample
$PLUGINSDIR/Qt5Svg.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
$PLUGINSDIR/Qt5Widgets.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral12
Sample
$PLUGINSDIR/Qt5Widgets.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
$PLUGINSDIR/concrt140.dll
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral14
Sample
$PLUGINSDIR/concrt140.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
$PLUGINSDIR/iconengines/qsvgicon.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral16
Sample
$PLUGINSDIR/iconengines/qsvgicon.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
$PLUGINSDIR/imageformats/qgif.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
$PLUGINSDIR/imageformats/qgif.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
$PLUGINSDIR/imageformats/qicns.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral20
Sample
$PLUGINSDIR/imageformats/qicns.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
$PLUGINSDIR/imageformats/qico.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
$PLUGINSDIR/imageformats/qico.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
$PLUGINSDIR/imageformats/qjpeg.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral24
Sample
$PLUGINSDIR/imageformats/qjpeg.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
$PLUGINSDIR/imageformats/qsvg.dll
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral26
Sample
$PLUGINSDIR/imageformats/qsvg.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
$PLUGINSDIR/libcrypto-1_1.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral28
Sample
$PLUGINSDIR/libcrypto-1_1.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
$PLUGINSDIR/libssl-1_1.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral30
Sample
$PLUGINSDIR/libssl-1_1.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
$PLUGINSDIR/msvcp140.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral32
Sample
$PLUGINSDIR/msvcp140.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
General
-
Target
$PLUGINSDIR/libcrypto-1_1.dll
-
Size
2.4MB
-
MD5
47268e922e51e584a780ba7825379f7c
-
SHA1
08458a14141043545b9d167bcd2efeb4828e224b
-
SHA256
2bbb640ea8b97f481a2cc020b9db297e19ef9b003cd39463649c9c838cd8d2d9
-
SHA512
67d6ce11861fabcf26fa627071fd6892eafff0240fdca09080cd4fc1518db5fce67887c0931e21c1cceff263b00c9bd347d09d2d1df82ea0e3b4f9a09f1db507
-
SSDEEP
49152:cePoQLUTIu5tvNJY8I/1CPwDv3uFfJS32Dag:cePHBu5nJY8K1CPwDv3uFfJS3
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28 PID 2040 wrote to memory of 1228 2040 rundll32.exe 28