Overview
overview: 9
Static
static: 7
AlphaFS.dll (windows7-x64): 1
AlphaFS.dll (windows10-2004-x64): 1
BLTools v2...O].exe (windows7-x64): 5
BLTools v2...O].exe (windows10-2004-x64): 5
CookiesCre....2.exe (windows7-x64): 9
CookiesCre....2.exe (windows10-2004-x64): 9
Extreme.Net.dll (windows7-x64): 1
Extreme.Net.dll (windows10-2004-x64): 1
License.dll (windows7-x64): 1
License.dll (windows10-2004-x64): 1
MaterialDe...rs.dll (windows7-x64): 1
MaterialDe...rs.dll (windows10-2004-x64): 1
MaterialDe...pf.dll (windows7-x64): 1
MaterialDe...pf.dll (windows10-2004-x64): 1
Microsoft....rs.dll (windows7-x64): 1
Microsoft....rs.dll (windows10-2004-x64): 1
Ookii.Dialogs.Wpf.dll (windows7-x64): 1
Ookii.Dialogs.Wpf.dll (windows10-2004-x64): 1
Resubmissions
15-06-2024 18:07
240615-wqpksstdnm: 9
Analysis
- max time kernel: 105s
- max time network: 51s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 15-06-2024 18:07
Behavioral task | Sample | Resource
behavioral1 | AlphaFS.dll | win7-20240611-en
behavioral2 | AlphaFS.dll | win10v2004-20240508-en
behavioral3 | BLTools v2.9.1[PRO].exe | win7-20240611-en
behavioral4 | BLTools v2.9.1[PRO].exe | win10v2004-20240508-en
behavioral5 | CookiesCreator v1.2.exe | win7-20240221-en
behavioral6 | CookiesCreator v1.2.exe | win10v2004-20240508-en
behavioral7 | Extreme.Net.dll | win7-20240508-en
behavioral8 | Extreme.Net.dll | win10v2004-20240611-en
behavioral9 | License.dll | win7-20240508-en
behavioral10 | License.dll | win10v2004-20240611-en
behavioral11 | MaterialDesignColors.dll | win7-20240611-en
behavioral12 | MaterialDesignColors.dll | win10v2004-20240508-en
behavioral13 | MaterialDesignThemes.Wpf.dll | win7-20231129-en
behavioral14 | MaterialDesignThemes.Wpf.dll | win10v2004-20240611-en
behavioral15 | Microsoft.Xaml.Behaviors.dll | win7-20240611-en
behavioral16 | Microsoft.Xaml.Behaviors.dll | win10v2004-20240226-en
behavioral17 | Ookii.Dialogs.Wpf.dll | win7-20240611-en
behavioral18 | Ookii.Dialogs.Wpf.dll | win10v2004-20240611-en
General
- Target: BLTools v2.9.1[PRO].exe
- Size: 3.2MB
- MD5: 025d637741b1b326ded2e99e6b54ed77
- SHA1: 5fb6a288559f54aeb42203cf5e44a072c74f942f
- SHA256: d68b3cdca20f0b871a653a3203e4292846e766b45fb989856a2de0fb9e0c4860
- SHA512: 720f4f03febbe7fdd661c14349680f6511a69487b0bdf5cd47ab4594b1fad49edeb0bde8e287272d84e21efc916ba91ca71bfa2632eba76e379e07815163d26b
- SSDEEP: 98304:M7+TEjqbFZN2l9OqOj/VCB1CRSHgmYrrwCY:pTeqbzN69OqOjmURSAmY
Malware Config
Signatures
- Suspicious use of NtSetInformationThreadHideFromDebugger (2 IoCs)
  Processes: BLTools v2.9.1[PRO].exe
  pid | process
  4576 | BLTools v2.9.1[PRO].exe
  4576 | BLTools v2.9.1[PRO].exe
Processes
Network
MITRE ATT&CK Matrix
Downloads