2c79bad3b5eaaee69ef3cf26335faae93945cfa5efa2a1bd27b6b8f6f69fedce | Triage

Submit
Reports

Overview

overview

7

Static

static

7

HotelMIS_special.exe

windows7-x64

7

HotelMIS_special.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

ConfigServer.exe

windows7-x64

1

ConfigServer.exe

windows10-2004-x64

1

GuiTk115.dll

windows7-x64

3

GuiTk115.dll

windows10-2004-x64

3

MFC71.dll

windows7-x64

1

MFC71.dll

windows10-2004-x64

1

help.doc

windows7-x64

4

help.doc

windows10-2004-x64

1

hotelMIS.exe

windows7-x64

1

hotelMIS.exe

windows10-2004-x64

1

libmySQL.dll

windows7-x64

3

libmySQL.dll

windows10-2004-x64

3

license.rtf

windows7-x64

4

license.rtf

windows10-2004-x64

1

msvcp71.dll

windows7-x64

3

msvcp71.dll

windows10-2004-x64

3

msvcr71.dll

windows7-x64

3

msvcr71.dll

windows10-2004-x64

3

mysqld.exe

windows7-x64

1

mysqld.exe

windows10-2004-x64

1

share/char...s.html

ubuntu-18.04-amd64

1

share/char...s.html

debian-9-armhf

1

share/char...s.html

debian-9-mips

1

share/char...s.html

debian-9-mipsel

1

tmpl/ReportDay.xls

windows7-x64

1

tmpl/ReportDay.xls

windows10-2004-x64

1

tmpl/ReportSsy.xls

windows7-x64

1

tmpl/ReportSsy.xls

windows10-2004-x64

1

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 10:21

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

HotelMIS_special.exe

Resource

win7-20240705-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

HotelMIS_special.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

ConfigServer.exe

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

ConfigServer.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

GuiTk115.dll

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

GuiTk115.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

MFC71.dll

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

MFC71.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

help.doc

Resource

win7-20240705-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral12

Sample

help.doc

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

hotelMIS.exe

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

hotelMIS.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

libmySQL.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

libmySQL.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

license.rtf

Resource

win7-20240708-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral18

Sample

license.rtf

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral19

Sample

msvcp71.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

msvcp71.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

msvcr71.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

msvcr71.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

mysqld.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

mysqld.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

share/charsets/languages.html

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

share/charsets/languages.html

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

share/charsets/languages.html

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

share/charsets/languages.html

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

tmpl/ReportDay.xls

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

tmpl/ReportDay.xls

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral31

Sample

tmpl/ReportSsy.xls

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

tmpl/ReportSsy.xls

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Report Analysis Logs

General

Target

mysqld.exe
Size

3.4MB
MD5

1c329f51288c6677ddbe927a0c5f7d96
SHA1

a283a17db2ff55a250cb645e324a283119b9bd72
SHA256

273e217c1982ea9e9e9ab5cbc0f596d598f669a366507d05e33db93ce6e9dec0
SHA512

4bd93ac6742e6f8330df18c0e91dce198047e58621990fc0155ecb9930439bdac8d4ac10fd85603c4c722d9e71f0dba2ebe7eac7c9fea052c2b43024dd49150f
SSDEEP

49152:dfgTBYdvYgmeFbSaEP3hto8tkjJJJRjNNNjjjvT8WSgHZRJTqmhfDgHcbn:dt2eAaEZto8tkjJJJRjNNNjjjnH1FhV

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\mysqld.exe
"C:\Users\Admin\AppData\Local\Temp\mysqld.exe"
1⤵
PID:4324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy