Overview

overview

7

Static

static

3

ScreenStyl...2).exe

windows10-2004-x64

7

$PLUGINSDI....1.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

$PROGRAMFI...ck.dll

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...x.html

windows10-2004-x64

1

$PROGRAMFI...s.html

windows10-2004-x64

1

$PROGRAMFI...s.html

windows10-2004-x64

1

$PROGRAMFI...Ds.url

windows10-2004-x64

1

$PROGRAMFI...se.rtf

windows10-2004-x64

1

$PROGRAMFI...om.url

windows10-2004-x64

3

$PROGRAMFI...ck.dll

windows10-2004-x64

1

$PROGRAMFI...ck.exe

windows10-2004-x64

1

$PROGRAMFI...ug.exe

windows10-2004-x64

1

$PROGRAMFI...er.exe

windows10-2004-x64

1

$PROGRAMFI...us.dll

windows10-2004-x64

3

Uninstall ...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    469s
  • max time network
    482s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-07-2024 20:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PROGRAMFILES/RocketDock/RocketDock.exe

  • Size

    484KB

  • MD5

    7dfccc67990b6de7f30f553a4e4612a4

  • SHA1

    521e9198e3dc1d41fac02eb01fb9f47f6d2a9855

  • SHA256

    9ff98d6fd2539cefc9f42103a7f72388bed6ee590400559b92bc7430228da36a

  • SHA512

    e43038e184a4271633f7925656aa37d14dd67fb606aa18e8e9e18329cf9e71965217bc9687a5e317d0ab97cea40e40f0a72b0cf6d56d5c85cf1e1038e6be30eb

  • SSDEEP

    6144:1pWCDrqrLPXrYYvxhieBqqMWvTvDlCNB2ehjBbLWbKk5+T3BUJpDy:/rqrjr9xhi8q8DlEQUjB4K9rBos

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\RocketDock\RocketDock.exe
    "C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\RocketDock\RocketDock.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\RocketDock\Settings.ini
    Filesize

    1KB

    MD5

    865bf8039be6dd1f7c3935c89e329229

    SHA1

    ec547ea57685c8ad2ea11931db9525baf76337d0

    SHA256

    b36dd0151e3c21d0efa4e0be1355ba42ce0060fb971c61fc7fbc09df7aeacebe

    SHA512

    6752ff1ad2a4a2831191accd5c240cf4fd2f3d904b8ceb7c7d3763fa9aef3fc3ae7705bd4bb7fae04ab12231531b3a390a259abab226dc55f669be9dd7eb0c89

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\RocketDock\Settings.ini
    Filesize

    1KB

    MD5

    5550c1716c2bfb92fe2343ce91c7423a

    SHA1

    2292ff2a527407e55476146992189e38d068a82e

    SHA256

    bcaa8371ec0f09609a99587b2783ba4d9feb1f21161a5cac579e37448796a8c3

    SHA512

    d8ef95a76518e93f78d42f60a5ae22abd9ae06a6f960381c091365cfb86e7166b81c599f524b5d439b72cba694f9bbdb92c5e35565e01715b32b3297f81563aa

    Download Submit