d03c4bd3d2392477a6ae2641026304f57f5dded4c78d5177042cbddf3ab702b0

Submit
Reports

Overview

overview

Static

static

AK.xolotl....ly.dll

windows7-x64

AK.xolotl....ly.dll

windows10-2004-x64

AK.xolotl....44.exe

windows7-x64

AK.xolotl....44.exe

windows10-2004-x64

AK.xolotl....64.exe

windows7-x64

AK.xolotl....64.exe

windows10-2004-x64

AK.xolotl....64.exe

windows7-x64

AK.xolotl....64.exe

windows10-2004-x64

AK.xolotl....42.exe

windows7-x64

AK.xolotl....42.exe

windows10-2004-x64

AK.xolotl....43.exe

windows7-x64

AK.xolotl....43.exe

windows10-2004-x64

AK.xolotl....86.exe

windows7-x64

AK.xolotl....86.exe

windows10-2004-x64

AK.xolotl....62.exe

windows7-x64

AK.xolotl....62.exe

windows10-2004-x64

AK.xolotl....63.exe

windows7-x64

AK.xolotl....63.exe

windows10-2004-x64

AK.xolotl....64.exe

windows7-x64

AK.xolotl....64.exe

windows10-2004-x64

AK.xolotl....er.dll

windows7-x64

AK.xolotl....er.dll

windows10-2004-x64

AK.xolotl....tl.exe

windows7-x64

AK.xolotl....tl.exe

windows10-2004-x64

AK.xolotl....ut.dll

windows7-x64

AK.xolotl....ut.dll

windows10-2004-x64

AK.xolotl....io.dll

windows7-x64

AK.xolotl....io.dll

windows10-2004-x64

AK.xolotl....ed.dll

windows7-x64

AK.xolotl....ed.dll

windows10-2004-x64

AK.xolotl....io.dll

windows7-x64

AK.xolotl....io.dll

windows10-2004-x64

Analysis

max time kernel
8s
max time network
51s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 22:57

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/GameAssembly.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/GameAssembly.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vc_redist.x644.exe

Resource

win7-20240704-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vc_redist.x644.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vc_redist.x864.exe

Resource

win7-20240705-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vc_redist.x864.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x64.exe

Resource

win7-20240704-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral8

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x64.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral9

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x642.exe

Resource

win7-20240708-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x642.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x643.exe

Resource

win7-20240704-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x643.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x86.exe

Resource

win7-20240708-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral14

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x86.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x862.exe

Resource

win7-20240705-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x862.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x863.exe

Resource

win7-20240705-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/Redist/vcredist_x863.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/UnityCrashHandler64.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/UnityCrashHandler64.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/UnityPlayer.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/UnityPlayer.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl.exe

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral25

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/Rewired_DirectInput.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/Rewired_DirectInput.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/fmodstudio.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/fmodstudio.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/lib_burst_generated.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/lib_burst_generated.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/resonanceaudio.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/resonanceaudio.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

AK.xolotl.v1.3.13502/AK.xolotl.v1.3.13502/ak-xolotl_Data/Plugins/x86_64/lib_burst_generated.dll
Size

91KB
MD5

f204769c44560b5fae1b93cda1aabd14
SHA1

d2b320161dfe0f4d7b9cbaf53d7bfa6bbd669e64
SHA256

d8185790d0909d590c9cb48e9ac60e35cc767a8435b14e1b6b9a57aa61a9f12c
SHA512

9cefa8e441dce9aeec5ac0abd1acd4f8d766d2852c7c2bc2df845907765124aad2665b07d159e1e23b200228eddf8a839eed667b1a0761fbb1f7baa1176b17d6
SSDEEP

1536:HPxgV4iJX3C7WmYuJSief5hLE+A1iGeX2EwcXyrU0c21PoTjz85Sn2r+FsMGl3GK:vbaChqVD8UMoTX85Sn2+FsMGl3GWz

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2748 wrote to memory of 2740	2748	rundll32.exe	WerFault.exe
PID 2748 wrote to memory of 2740	2748	rundll32.exe	WerFault.exe
PID 2748 wrote to memory of 2740	2748	rundll32.exe	WerFault.exe

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\AK.xolotl.v1.3.13502\AK.xolotl.v1.3.13502\ak-xolotl_Data\Plugins\x86_64\lib_burst_generated.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2748

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2748 -s 84
2⤵
PID:2740

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads