Analysis
- max time kernel: 137s
- max time network: 203s
- platform: windows10-2004_x64
- resource: win10v2004-20240611-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 20-06-2024 19:06
Static task: static1
Behavioral task: behavioral1
- Sample: MetaBuilder.zip
- Resource: win10v2004-20240611-en
Behavioral task: behavioral2
- Sample: MetaBuilder/MaterialSkin.dll
- Resource: win10v2004-20240508-en
Behavioral task: behavioral3
- Sample: MetaBuilder/MetaBuilder.exe
- Resource: win10v2004-20240611-en
Behavioral task: behavioral4
- Sample: MetaBuilder/MetaBuilder.exe.xml
- Resource: win10v2004-20240611-en
Behavioral task: behavioral5
- Sample: MetaBuilder/MetaBuilder.pdb
- Resource: win10v2004-20240508-en
Behavioral task: behavioral6
- Sample: MetaBuilder/dnlib.dll
- Resource: win10v2004-20240611-en
Behavioral task: behavioral7
- Sample: MetaBuilder/dnlib.xml
- Resource: win10v2004-20240611-en
Behavioral task: behavioral8
- Sample: MetaBuilder/localhost.exe
- Resource: win10v2004-20240508-en
General
- Target: MetaBuilder/MetaBuilder.exe.xml
- Size: 184B
- MD5: 13ff21470b63470978e08e4933eb8e56
- SHA1: 3fa7077272c55e85141236d90d302975e3d14b2e
- SHA256: 16286566d54d81c3721f7ecf7f426d965de364e9be2f9e628d7363b684b6fe6a
- SHA512: 56d0e52874744df091ba8421eeda9c37854ece32a826bd251f74b88b6334df69736b8cd97104e6e7b2279ef01d2144fee100392744cc1afb7025ebbad5c307a8
Malware Config
Signatures
Processes
- "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\MetaBuilder\MetaBuilder.exe.xml" (PID: 1404)