8e5387b8e5b1d7437979f00b42b6b481281f9ced1c3a7101f6a5832402563e5b

Submit
Reports

Overview

overview

Static

static

CatrinePer...rm.exe

windows7-x64

CatrinePer...rm.exe

windows10-2004-x64

CatrinePer...rm.exe

windows7-x64

CatrinePer...rm.exe

windows10-2004-x64

f_000004.js

windows7-x64

f_000004.js

windows10-2004-x64

f_00001c.js

windows7-x64

f_00001c.js

windows10-2004-x64

CatrinePer...9_0.js

windows7-x64

CatrinePer...9_0.js

windows10-2004-x64

CatrinePer...0_0.js

windows7-x64

CatrinePer...0_0.js

windows10-2004-x64

CatrinePer...Ex.dll

windows7-x64

CatrinePer...Ex.dll

windows10-2004-x64

CatrinePer...PC.dll

windows7-x64

CatrinePer...PC.dll

windows10-2004-x64

CatrinePer...ro.dll

windows7-x64

CatrinePer...ro.dll

windows10-2004-x64

CatrinePer...re.dll

windows7-x64

CatrinePer...re.dll

windows10-2004-x64

CatrinePer...ms.dll

windows7-x64

CatrinePer...ms.dll

windows10-2004-x64

CatrinePer...pf.dll

windows7-x64

CatrinePer...pf.dll

windows10-2004-x64

CatrinePer...rs.dll

windows7-x64

CatrinePer...rs.dll

windows10-2004-x64

CatrinePer...on.dll

windows7-x64

CatrinePer...on.dll

windows10-2004-x64

Revo_Unins...up.exe

windows7-x64

Revo_Unins...up.exe

windows10-2004-x64

CatrinePer...rp.dll

windows7-x64

CatrinePer...rp.dll

windows10-2004-x64

Analysis

max time kernel
14s
max time network
17s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
29-07-2024 11:33

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CatrinePerm/CatrinePerm.exe

Resource

win7-20240704-en

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

CatrinePerm/CatrinePerm.exe

Resource

win10v2004-20240709-en

xworm credential_access defense_evasion discovery execution persistence pyinstaller rat spyware stealer trojan

windows10-2004-x64

27 signatures

150 seconds

Behavioral task

behavioral3

Sample

CatrinePerm/CatrinePerm.exe

Resource

win7-20240705-en

xworm discovery execution persistence pyinstaller rat trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral4

Sample

CatrinePerm/CatrinePerm.exe

Resource

win10v2004-20240709-en

xworm credential_access defense_evasion discovery execution persistence pyinstaller rat spyware stealer trojan

windows10-2004-x64

27 signatures

150 seconds

Behavioral task

behavioral5

Sample

f_000004.js

Resource

win7-20240704-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

f_000004.js

Resource

win10v2004-20240704-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

f_00001c.js

Resource

win7-20240705-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

f_00001c.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/834cfe7d63b4b479_0.js

Resource

win7-20240704-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/834cfe7d63b4b479_0.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/e9cf90305a4e5760_0.js

Resource

win7-20240705-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/e9cf90305a4e5760_0.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

CatrinePerm/ControlzEx.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

CatrinePerm/ControlzEx.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

CatrinePerm/DiscordRPC.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

CatrinePerm/DiscordRPC.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

CatrinePerm/MahApps.Metro.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

CatrinePerm/MahApps.Metro.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

CatrinePerm/Microsoft.Web.WebView2.Core.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

CatrinePerm/Microsoft.Web.WebView2.Core.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

CatrinePerm/Microsoft.Web.WebView2.WinForms.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

CatrinePerm/Microsoft.Web.WebView2.WinForms.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

CatrinePerm/Microsoft.Web.WebView2.Wpf.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

CatrinePerm/Microsoft.Web.WebView2.Wpf.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

CatrinePerm/Microsoft.Xaml.Behaviors.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

CatrinePerm/Microsoft.Xaml.Behaviors.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

CatrinePerm/Newtonsoft.Json.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

CatrinePerm/Newtonsoft.Json.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Revo_Uninstaller_Pro_5.1.1/RevoUninProSetup.exe

Resource

win7-20240704-en

discovery

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral30

Sample

Revo_Uninstaller_Pro_5.1.1/RevoUninProSetup.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral31

Sample

CatrinePerm/SevenZipSharp.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

CatrinePerm/SevenZipSharp.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

CatrinePerm/ControlzEx.dll
Size

245KB
MD5

6def9baa2552c072cea16b155fed0668
SHA1

93c9c9a7bf892d102f75b7fbadcc997488b4ed34
SHA256

3eceee9042e90da4a433007729778f72516f762599f7920839c751e180a47cb0
SHA512

62ef6519d0aa5979acd11067ff129ebb85bf62df8e66e395423b0cf33e5aa1541f2a028d38f2f6647cc129f6cc8be381b9c4762928fd4d163a1614652f5984ac
SSDEEP

6144:kv/YsKAsoWDJH5u6YAZBEmR8OpY82gb7gP2rxp+7vVNviPF1vdy0+mE:kyVoOJBRTdl2

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\CatrinePerm\ControlzEx.dll,#1
1⤵
PID:1400

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads