Overview

overview

7

Static

static

3

EqualizerA....2.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Benchmark.exe

windows10-2004-x64

1

Configurat...e).url

windows10-2004-x64

1

Configurat...e).url

windows10-2004-x64

1

Configurator.exe

windows10-2004-x64

7

Editor.exe

windows10-2004-x64

1

EqualizerAPO.dll

windows10-2004-x64

7

Qt5Core.dll

windows10-2004-x64

1

Qt5Gui.dll

windows10-2004-x64

1

Qt5Widgets.dll

windows10-2004-x64

1

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

VoicemeeterClient.exe

windows10-2004-x64

1

libfftw3f-3.dll

windows10-2004-x64

1

libsndfile-1.dll

windows10-2004-x64

1

msvcp140.dll

windows10-2004-x64

1

msvcp140_1.dll

windows10-2004-x64

1

qt/imagefo...if.dll

windows10-2004-x64

1

qt/imagefo...co.dll

windows10-2004-x64

1

qt/imagefo...eg.dll

windows10-2004-x64

1

qt/platfor...ws.dll

windows10-2004-x64

1

qt/styles/...le.dll

windows10-2004-x64

1

vcruntime140.dll

windows10-2004-x64

1

vcruntime140_1.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240730-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-08-2024 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/AccessControl.dll

  • Size

    13KB

  • MD5

    28c87a09fdb49060aa4ab558a2832109

  • SHA1

    9213a24964cd479eac91d01ad54190f9c11d0c75

  • SHA256

    933cadcd3a463484bbb3c45077afda0edbb539dfbe988efad79a88cae63bf95f

  • SHA512

    413b3afe5a3b139a199f2a6954edc055eee3b312c3dffd568cfdbe1f740f07a7c27fbf7b2a0b6e3c3dd6ee358ce96cc1ca821883f055bf63ddebda854384700d

  • SSDEEP

    192:V26NwF1FF1bl9UsZBpDOjH3RGz47gnrVsybWZeAW4MwNR5yRR4XLLF/NTNIXoslk:T+1bYsZBwWsySZeIBZdP40l

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\AccessControl.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3928
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\AccessControl.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1096
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1096 -s 612
        3⤵
        • Program crash
        PID:2656
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 1096 -ip 1096
    1⤵
      PID:2320

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads