Overview

overview

7

Static

static

3

mpkcd-v2011v1.exe

windows7-x64

7

mpkcd-v2011v1.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

API_COM.dll

windows7-x64

3

API_COM.dll

windows10-2004-x64

3

Mwic_32.dll

windows7-x64

3

Mwic_32.dll

windows10-2004-x64

3

POS58/pos5...DD.dll

windows7-x64

3

POS58/pos5...DD.dll

windows10-2004-x64

3

POS58/pos5...UI.dll

windows7-x64

3

POS58/pos5...UI.dll

windows10-2004-x64

3

POS58/pos5...58.dll

windows7-x64

3

POS58/pos5...58.dll

windows10-2004-x64

3

I386/RASDD.dll

windows7-x64

3

I386/RASDD.dll

windows10-2004-x64

3

I386/RASDDUI.dll

windows7-x64

3

I386/RASDDUI.dll

windows10-2004-x64

3

POS58.dll

windows7-x64

3

POS58.dll

windows10-2004-x64

3

POS58/pos5...OR.dll

windows7-x64

1

POS58/pos5...OR.dll

windows10-2004-x64

1

POS58/pos5...IB.dll

windows7-x64

1

POS58/pos5...IB.dll

windows10-2004-x64

1

POS58/pos5...RV.dll

windows7-x64

1

POS58/pos5...RV.dll

windows10-2004-x64

1

RWic.dll

windows7-x64

3

RWic.dll

windows10-2004-x64

3

SWind.dll

windows7-x64

3

SWind.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/07/2024, 14:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    mpkcd-v2011v1.exe

  • Size

    5.7MB

  • MD5

    650a6e3b76135edd1f0eb4b3311c60cd

  • SHA1

    7c544d3041d802b2f29de77d4e7b5606fa274ebb

  • SHA256

    07beb2ba176c7ca59b32705af577c45590f2c7078cc4f8c49ec7e5dc08bf26ae

  • SHA512

    0708a0f90aecafab630b32604cbfae8abcfbb18e2ade7868c5ccf090b502954c8405df0f5a7a976d39ac93f7fef28594ce4deab6c6f2b1d113efeea614fcd6f5

  • SSDEEP

    98304:3b7tcgylpu2VLmBn26ooioGbC+fjd4jgvzt2tWmHhcXDujrOj9m6q9RTpZUMqVCC:3b7ybZLC26oy+p4jut2t9hqDsryQzRVg

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\mpkcd-v2011v1.exe
    "C:\Users\Admin\AppData\Local\Temp\mpkcd-v2011v1.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:4752

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsz9EA3.tmp\InstallOptions.dll
          Filesize

          12KB

          MD5

          4c7d97d0786ff08b20d0e8315b5fc3cb

          SHA1

          bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c

          SHA256

          75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84

          SHA512

          f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsz9EA3.tmp\advsplash.dll
          Filesize

          5KB

          MD5

          ca60ae514320a0bfc4991c1fca3dc4ce

          SHA1

          c0d7db92c979d75233db185f18dee0c9518dd8ae

          SHA256

          08d2283396141ae8222c6959a0e1b4f75a75a3f2643b33d6d1c9b90d0669c606

          SHA512

          8e2d00909828b2f527bed1d2dae39e991142091cda8e80fb512ef2790fdd8146e6222dc1a98730af864b1437eab9f0e881e9adc3aad4e6c67f840dc3c4115a3b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsz9EA3.tmp\ioSpecial.ini
          Filesize

          740B

          MD5

          4f5bf559afebada9cf43abefad5bbfc1

          SHA1

          2ec52204a80c274d93e3273e7f933b7f67981fef

          SHA256

          2daa457c8e319422b1ff6f0a3b6fe5906271a24ccace5b8436b840b473bda23b

          SHA512

          f7d0fd1263feca2090dd482bb9b873b9db74acb1ed6e13b9b8c81dbb2d1b0e3d61053607155acb0442051d01aa4279dd8157d8fa1e7baaed05f7c7cfee7101fb

          Download Submit