Overview

overview

10

Static

static

3

@^NewFile_...^$.zip

windows11-21h2-x64

1

@^NewFile_...^$.rar

windows11-21h2-x64

1

Resource/L...me.xml

windows11-21h2-x64

1

Resource/L...UI.dll

windows11-21h2-x64

1

Resource/L...UI.xml

windows11-21h2-x64

1

Resource/L...op.dll

windows11-21h2-x64

1

Resource/L...to.xml

windows11-21h2-x64

1

Resource/L...op.dll

windows11-21h2-x64

3

Resource/S...di.spp

windows11-21h2-x64

3

Resource/T...6l.dat

windows11-21h2-x64

4

Resource/T...ol.txt

windows11-21h2-x64

3

Resource/T...at.txt

windows11-21h2-x64

3

Resource/T...RO.txt

windows11-21h2-x64

3

Resource/T...AR.txt

windows11-21h2-x64

3

Resource/T...AN.txt

windows11-21h2-x64

3

Resource/T...IC.txt

windows11-21h2-x64

3

Resource/opengl64.dll

windows11-21h2-x64

1

Setup.exe

windows11-21h2-x64

10

fxsound/EX...in.dll

windows11-21h2-x64

3

fxsound/MS...in.dll

windows11-21h2-x64

3

fxsound/So...in.dll

windows11-21h2-x64

3

fxsound/So...es.dll

windows11-21h2-x64

3

fxsound/WM...ng.dll

windows11-21h2-x64

3

fxsound/WMPNSSUI.dll

windows11-21h2-x64

3

fxsound/wmpnssci.dll

windows11-21h2-x64

3

glioma.asp

windows11-21h2-x64

3

libvlc.dll

windows11-21h2-x64

3

libvlccore.dll

windows11-21h2-x64

3

plugins/Cr...32.dll

windows11-21h2-x64

3

plugins/Cr...64.dll

windows11-21h2-x64

1

@^NewFile_...��.css

windows11-21h2-x64

1

PaSṣCoḒḕ.css

windows11-21h2-x64

3

Resubmissions

05/08/2024, 08:17

240805-j618ba1cpl 10

05/08/2024, 08:15

240805-j5rmgsvdph 3

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    05/08/2024, 08:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fxsound/MSIInstallPlugin.dll

  • Size

    132KB

  • MD5

    8beefd692f66c3868a263b3dc25bcd14

  • SHA1

    57bc681f78966fea5547e988f491a2d15ba1b9cb

  • SHA256

    588093e3d1cf19405e65928d9f5ddaf5a9b004392e9a83ddb9b369c89cd67500

  • SHA512

    b7f120f203c1cd4b904f3d1522b5de3ffeeeb23f16a32777a2946a4aabc45ece80a88f86bc337f90a9fe5129a20ab38c8990e3243bc1ec131a44cbda4cc409ca

  • SSDEEP

    3072:ReshX11GkE0L8FVxDzs5VZcRMnDkkKn5C:RpF6kE0wPxaZcRM7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fxsound\MSIInstallPlugin.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4424
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fxsound\MSIInstallPlugin.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads