8e5387b8e5b1d7437979f00b42b6b481281f9ced1c3a7101f6a5832402563e5b

Submit
Reports

Overview

overview

Static

static

CatrinePer...rm.exe

windows7-x64

CatrinePer...rm.exe

windows10-2004-x64

CatrinePer...rm.exe

windows7-x64

CatrinePer...rm.exe

windows10-2004-x64

f_000004.js

windows7-x64

f_000004.js

windows10-2004-x64

f_00001c.js

windows7-x64

f_00001c.js

windows10-2004-x64

CatrinePer...9_0.js

windows7-x64

CatrinePer...9_0.js

windows10-2004-x64

CatrinePer...0_0.js

windows7-x64

CatrinePer...0_0.js

windows10-2004-x64

CatrinePer...Ex.dll

windows7-x64

CatrinePer...Ex.dll

windows10-2004-x64

CatrinePer...PC.dll

windows7-x64

CatrinePer...PC.dll

windows10-2004-x64

CatrinePer...ro.dll

windows7-x64

CatrinePer...ro.dll

windows10-2004-x64

CatrinePer...re.dll

windows7-x64

CatrinePer...re.dll

windows10-2004-x64

CatrinePer...ms.dll

windows7-x64

CatrinePer...ms.dll

windows10-2004-x64

CatrinePer...pf.dll

windows7-x64

CatrinePer...pf.dll

windows10-2004-x64

CatrinePer...rs.dll

windows7-x64

CatrinePer...rs.dll

windows10-2004-x64

CatrinePer...on.dll

windows7-x64

CatrinePer...on.dll

windows10-2004-x64

Revo_Unins...up.exe

windows7-x64

Revo_Unins...up.exe

windows10-2004-x64

CatrinePer...rp.dll

windows7-x64

CatrinePer...rp.dll

windows10-2004-x64

Analysis

max time kernel
144s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
29-07-2024 11:33

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CatrinePerm/CatrinePerm.exe

Resource

win7-20240704-en

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

CatrinePerm/CatrinePerm.exe

Resource

win10v2004-20240709-en

xworm credential_access defense_evasion discovery execution persistence pyinstaller rat spyware stealer trojan

windows10-2004-x64

27 signatures

150 seconds

Behavioral task

behavioral3

Sample

CatrinePerm/CatrinePerm.exe

Resource

win7-20240705-en

xworm discovery execution persistence pyinstaller rat trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral4

Sample

CatrinePerm/CatrinePerm.exe

Resource

win10v2004-20240709-en

xworm credential_access defense_evasion discovery execution persistence pyinstaller rat spyware stealer trojan

windows10-2004-x64

27 signatures

150 seconds

Behavioral task

behavioral5

Sample

f_000004.js

Resource

win7-20240704-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

f_000004.js

Resource

win10v2004-20240704-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

f_00001c.js

Resource

win7-20240705-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

f_00001c.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/834cfe7d63b4b479_0.js

Resource

win7-20240704-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/834cfe7d63b4b479_0.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/e9cf90305a4e5760_0.js

Resource

win7-20240705-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

CatrinePerm/CatrinePerm.exe.WebView2/EBWebView/Default/Code Cache/js/e9cf90305a4e5760_0.js

Resource

win10v2004-20240709-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

CatrinePerm/ControlzEx.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

CatrinePerm/ControlzEx.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

CatrinePerm/DiscordRPC.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

CatrinePerm/DiscordRPC.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

CatrinePerm/MahApps.Metro.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

CatrinePerm/MahApps.Metro.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

CatrinePerm/Microsoft.Web.WebView2.Core.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

CatrinePerm/Microsoft.Web.WebView2.Core.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

CatrinePerm/Microsoft.Web.WebView2.WinForms.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

CatrinePerm/Microsoft.Web.WebView2.WinForms.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

CatrinePerm/Microsoft.Web.WebView2.Wpf.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

CatrinePerm/Microsoft.Web.WebView2.Wpf.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

CatrinePerm/Microsoft.Xaml.Behaviors.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

CatrinePerm/Microsoft.Xaml.Behaviors.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

CatrinePerm/Newtonsoft.Json.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

CatrinePerm/Newtonsoft.Json.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Revo_Uninstaller_Pro_5.1.1/RevoUninProSetup.exe

Resource

win7-20240704-en

discovery

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral30

Sample

Revo_Uninstaller_Pro_5.1.1/RevoUninProSetup.exe

Resource

win10v2004-20240709-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral31

Sample

CatrinePerm/SevenZipSharp.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

CatrinePerm/SevenZipSharp.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

CatrinePerm/Microsoft.Web.WebView2.WinForms.dll
Size

39KB
MD5

4caae0e27f1c493ad732e3a49b38b097
SHA1

4319402a47be6c022552612303b6dca6eed4bade
SHA256

32a1e3f4184ce03122c4503b53a7983204fa38e030dcdbbfe64f1b471fd12c42
SHA512

0ff25e58b8e761e0c5b1a419b35547b4de8f02f2fe07e5ac8bc992bde46ac9fcae261bfd31ab90d9a669fa58cc87b798ec0a9de144245f6e39318e6b4c2eb83e
SSDEEP

768:L41nHCqoU2GmbUt5740eObba2yfhZDgcEST3p4Jjrjh2jJTSG2au8vxJKia5/ZiE:L+bxyfhZDgcEST3p4JjrjaJTSG2au4xc

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\CatrinePerm\Microsoft.Web.WebView2.WinForms.dll,#1
1⤵
PID:4272

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads