Overview
overview
10Static
static
3Nursultan_...24.zip
windows10-1703-x64
1NursultanN...AL.dll
windows10-1703-x64
1NursultanN...64.dll
windows10-1703-x64
1NursultanN...ts.rar
windows10-1703-x64
304/04933f2...bdce8c
windows10-1703-x64
104/049a304...8de39b
windows10-1703-x64
104/04c43a7...8b9f8a
windows10-1703-x64
104/04d00bc...51c55d
windows10-1703-x64
104/04d181f...624ab2
windows10-1703-x64
104/04de7b3...57ff7f
windows10-1703-x64
1004/04f5636...23aa7a
windows10-1703-x64
104/3d0cb49...я (3)
windows10-1703-x64
104/3d0cb49...пия
windows10-1703-x64
104/3d0cb49...я (4)
windows10-1703-x64
104/3d0cb49...пия
windows10-1703-x64
1NursultanN...oc.dll
windows10-1703-x64
1NursultanN...gl.dll
windows10-1703-x64
1NursultanN...gl.dll
windows10-1703-x64
1NursultanN...tb.dll
windows10-1703-x64
1NursultanN...ft.jar
windows10-1703-x64
7NursultanN...es.rar
windows10-1703-x64
3natives/Nursultan.dll
windows10-1703-x64
5natives/OpenAL.dll
windows10-1703-x64
1natives/SA...64.dll
windows10-1703-x64
1natives/glfw.dll
windows10-1703-x64
1natives/jemalloc.dll
windows10-1703-x64
1natives/lwjgl.dll
windows10-1703-x64
1natives/lw...gl.dll
windows10-1703-x64
1natives/lwjgl_stb.dll
windows10-1703-x64
1natives/lw...fd.dll
windows10-1703-x64
1NursultanN...AR.exe
windows10-1703-x64
3NursultanN...rt.bat
windows10-1703-x64
10Analysis
-
max time kernel
125s -
max time network
138s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
23-06-2024 13:01
Static task
static1
Behavioral task
behavioral1
Sample
Nursultan_FREE_2024.zip
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral2
Sample
NursultanNextgen2024/OpenAL.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral3
Sample
NursultanNextgen2024/SAPIWrapper_x64.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral4
Sample
NursultanNextgen2024/assets.rar
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral5
Sample
04/04933f2f39e339e7ba0db0c21812cb9ff9bdce8c
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral6
Sample
04/049a3049a5ac8631a6c5f367b7d824fc0d8de39b
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral7
Sample
04/04c43a7a9b7883538080f84bf5b4bcba0c8b9f8a
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral8
Sample
04/04d00bc852751498fad759fe473fef917b51c55d
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral9
Sample
04/04d181f5f4d61d2215175a1e63e7caaf9b624ab2
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral10
Sample
04/04de7b3f382c41f8bfa36ea205f3ae807457ff7f
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral11
Sample
04/04f5636909319c54405c20ff932d92397523aa7a
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral12
Sample
04/3d0cb49d33b9bb2462ad183f65e2e11aea3c1eff — копия (3)
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral13
Sample
04/3d0cb49d33b9bb2462ad183f65e2e11aea3c1eff — копия (3) — копия
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral14
Sample
04/3d0cb49d33b9bb2462ad183f65e2e11aea3c1eff — копия (4)
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral15
Sample
04/3d0cb49d33b9bb2462ad183f65e2e11aea3c1eff — копия (4) — копия
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral16
Sample
NursultanNextgen2024/jemalloc.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral17
Sample
NursultanNextgen2024/lwjgl.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral18
Sample
NursultanNextgen2024/lwjgl_opengl.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral19
Sample
NursultanNextgen2024/lwjgl_stb.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral20
Sample
NursultanNextgen2024/minecraft.jar
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral21
Sample
NursultanNextgen2024/natives.rar
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral22
Sample
natives/Nursultan.dll
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral23
Sample
natives/OpenAL.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral24
Sample
natives/SAPIWrapper_x64.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral25
Sample
natives/glfw.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral26
Sample
natives/jemalloc.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral27
Sample
natives/lwjgl.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral28
Sample
natives/lwjgl_opengl.dll
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral29
Sample
natives/lwjgl_stb.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral30
Sample
natives/lwjgl_tinyfd.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral31
Sample
NursultanNextgen2024/rar/UnRAR.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral32
Sample
NursultanNextgen2024/start.bat
Resource
win10-20240404-en
windows10-1703-x64
General
-
Target
NursultanNextgen2024/lwjgl_stb.dll
-
Size
102KB
-
MD5
b5ee40662104194eb904fd559d5e781e
-
SHA1
224a48ab7ba6fcdbf684ca841d059c9bd297376e
-
SHA256
2865f9df4a6635135fe40029e43e76e11287c2deb30e4b023c7acbfd896aca58
-
SHA512
35f61a019be990ab65316e03ca6de3691426da1d232d1caf90e0d8dcc3c020a7c6db13207fbbbad74b39b653740594a26a8038c43ce1d478c17090209b75962c
-
SSDEEP
1536:CqP4/ysXsu3E2BuY/5dCFegxqN9BBJ5QBJXM+ETV4JJARDeQfLpcI:C5/GYRdfBJ5QBJ7lC7La
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 604 wrote to memory of 212 604 rundll32.exe 75 PID 604 wrote to memory of 212 604 rundll32.exe 75 PID 604 wrote to memory of 212 604 rundll32.exe 75