378321892c67b83164f9ada3428089a19585bb1b05e3b57d703fb0e6255b72a0

Submit
Reports

Overview

overview

Static

static

Guilded-Wi...7c.exe

windows10-2004-x64

$PLUGINSDI...er.dll

windows10-2004-x64

$PLUGINSDI...ls.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows10-2004-x64

$PLUGINSDI...ll.dll

windows10-2004-x64

resources/...ve.dll

windows10-2004-x64

resources/...64.exe

windows10-2004-x64

resources/...86.exe

windows10-2004-x64

resources/...64.dll

windows10-2004-x64

resources/...86.dll

windows10-2004-x64

resources/...on.dll

windows10-2004-x64

resources/...on.dll

windows10-2004-x64

resources/...dex.js

windows10-2004-x64

resources/...ion.js

windows10-2004-x64

resources/...dex.js

windows10-2004-x64

resources/...inl.js

windows10-2004-x64

resources/...api.js

windows10-2004-x64

resources/...api.js

windows10-2004-x64

resources/...ion.js

windows10-2004-x64

resources/...ok.dll

windows10-2004-x64

resources/...ild.js

windows10-2004-x64

resources/...ok.dll

windows10-2004-x64

resources/...ok.dll

windows10-2004-x64

resources/...ok.dll

windows10-2004-x64

resources/...ok.dll

windows10-2004-x64

resources/...fig.js

windows10-2004-x64

resources/...ers.js

windows10-2004-x64

resources/...dex.js

windows10-2004-x64

resources/...all.js

windows10-2004-x64

$PLUGINSDI...ec.dll

windows10-2004-x64

$PLUGINSDI...7z.dll

windows10-2004-x64

$R0/Uninst...ed.exe

windows10-2004-x64

Analysis

max time kernel
139s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22/07/2024, 04:06

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Guilded-Win_v_d153c2b8-fc20-4124-aca3-bfe899dbd87c.exe

Resource

win10v2004-20240709-en

discovery persistence

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/SpiderBanner.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/WinShell.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

resources/app.asar.unpacked/electron/GuildedNative.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

resources/app.asar.unpacked/electron/capture_helper_x64.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

resources/app.asar.unpacked/electron/capture_helper_x86.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

resources/app.asar.unpacked/electron/guilded_capture_x64.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

resources/app.asar.unpacked/electron/guilded_capture_x86.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/bin/win32-x64-121/extract-file-icon.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/build/Release/addon.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/dist/index.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/doc/threadsafe_function.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/index.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/napi-inl.js

Resource

win10v2004-20240704-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/napi.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/tools/check-napi.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

resources/app.asar.unpacked/node_modules/extract-file-icon/node_modules/node-addon-api/tools/conversion.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

resources/app.asar.unpacked/node_modules/iohook/bin/win32-x64-121/iohook.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

resources/app.asar.unpacked/node_modules/iohook/build.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

resources/app.asar.unpacked/node_modules/iohook/build/Release/iohook.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

resources/app.asar.unpacked/node_modules/iohook/build/Release/uiohook.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

resources/app.asar.unpacked/node_modules/iohook/builds/electron-v121-win32-x64/build/Release/iohook.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

resources/app.asar.unpacked/node_modules/iohook/builds/electron-v121-win32-x64/build/Release/uiohook.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

resources/app.asar.unpacked/node_modules/iohook/docs/.vuepress/config.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

resources/app.asar.unpacked/node_modules/iohook/helpers.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

resources/app.asar.unpacked/node_modules/iohook/index.js

Resource

win10v2004-20240704-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

resources/app.asar.unpacked/node_modules/iohook/install.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

$PLUGINSDIR/nsExec.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

$PLUGINSDIR/nsis7z.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

$R0/Uninstall Guilded.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

6 signatures

150 seconds

Report Analysis Logs

General

Target

resources/app.asar.unpacked/node_modules/extract-file-icon/build/Release/addon.dll
Size

132KB
MD5

3f1fd05301dc996a8419dea067a73fb6
SHA1

72ed7dda5c2f38cc25ed3f8d983c623711d4e618
SHA256

f57da6c1b960fb966467e09b3988e32537b8d5814957c79361e1ac7209282b53
SHA512

9811e6509429b86b1ee0ba7740708cd6854bda4ef12b8b0e0af87ae74bebb617f1d5770889fc3d606a82f9473d0344c61020229f87399ec5cc0794ece54055a5
SSDEEP

3072:P/79cvfw6TRoLgEtjEh2108GRDtT9qacknZw:PT8fw6TR05sG08GttX

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\extract-file-icon\build\Release\addon.dll,#1
1⤵
PID:2392

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads