Overview

overview

10

Static

static

3

@^NewFile_...^$.zip

windows11-21h2-x64

1

@^NewFile_...^$.rar

windows11-21h2-x64

1

Resource/L...me.xml

windows11-21h2-x64

1

Resource/L...UI.dll

windows11-21h2-x64

1

Resource/L...UI.xml

windows11-21h2-x64

1

Resource/L...op.dll

windows11-21h2-x64

1

Resource/L...to.xml

windows11-21h2-x64

1

Resource/L...op.dll

windows11-21h2-x64

3

Resource/S...di.spp

windows11-21h2-x64

3

Resource/T...6l.dat

windows11-21h2-x64

4

Resource/T...ol.txt

windows11-21h2-x64

3

Resource/T...at.txt

windows11-21h2-x64

3

Resource/T...RO.txt

windows11-21h2-x64

3

Resource/T...AR.txt

windows11-21h2-x64

3

Resource/T...AN.txt

windows11-21h2-x64

3

Resource/T...IC.txt

windows11-21h2-x64

3

Resource/opengl64.dll

windows11-21h2-x64

1

Setup.exe

windows11-21h2-x64

10

fxsound/EX...in.dll

windows11-21h2-x64

3

fxsound/MS...in.dll

windows11-21h2-x64

3

fxsound/So...in.dll

windows11-21h2-x64

3

fxsound/So...es.dll

windows11-21h2-x64

3

fxsound/WM...ng.dll

windows11-21h2-x64

3

fxsound/WMPNSSUI.dll

windows11-21h2-x64

3

fxsound/wmpnssci.dll

windows11-21h2-x64

3

glioma.asp

windows11-21h2-x64

3

libvlc.dll

windows11-21h2-x64

3

libvlccore.dll

windows11-21h2-x64

3

plugins/Cr...32.dll

windows11-21h2-x64

3

plugins/Cr...64.dll

windows11-21h2-x64

1

@^NewFile_...��.css

windows11-21h2-x64

1

PaSṣCoḒḕ.css

windows11-21h2-x64

3

Resubmissions

05/08/2024, 08:17

240805-j618ba1cpl 10

05/08/2024, 08:15

240805-j5rmgsvdph 3

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    05/08/2024, 08:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fxsound/WMPNSSUI.dll

  • Size

    17KB

  • MD5

    7cec951c1783a51fa7ff3e2abcda54d4

  • SHA1

    b3d23f045cfb058f61c8febed38c684fc7dc2239

  • SHA256

    ea06a1ca5568f5f0d87bc362609dfd12d837494f797403245e9b44d58ae1a2b2

  • SHA512

    6814c8357f84555e20cb4d1bb07588d2b364886d799eb59efe527241b9d1c04ee303f819f1273efd013ba107e19c3c9d355b0097be1c34b7ed9df91298faa603

  • SSDEEP

    384:BA4E/PYPlz+Qg4WyF1aD35IaUA0+/NWapWWeX:K4GLZY+/v7eX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\fxsound\WMPNSSUI.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5012
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\fxsound\WMPNSSUI.dll
      2⤵
      • System Location Discovery: System Language Discovery
      PID:5016

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads