03d60f06db313f892881188829f27c813efe8a4e987af1f483a4bbbcd78159db

Submit
Reports

Overview

overview

Static

static

Portable_x32_x64.zip

windows7-x64

Portable_x32_x64.zip

windows10-2004-x64

Portable_x...e.pimx

windows7-x64

Portable_x...e.pimx

windows10-2004-x64

Portable_x...in.ini

windows7-x64

Portable_x...in.ini

windows10-2004-x64

Portable_x...in.xml

windows7-x64

Portable_x...in.xml

windows10-2004-x64

Portable_x...ce.dll

windows7-x64

Portable_x...ce.dll

windows10-2004-x64

Portable_x...ls.xml

windows7-x64

Portable_x...ls.xml

windows10-2004-x64

Portable_x...up.exe

windows7-x64

Portable_x...up.exe

windows10-2004-x64

Portable_x...40.dll

windows7-x64

Portable_x...40.dll

windows10-2004-x64

Portable_x...ju.wsf

windows7-x64

Portable_x...ju.wsf

windows10-2004-x64

Portable_x...ed.xml

windows7-x64

Portable_x...ed.xml

windows10-2004-x64

Portable_x...to.xml

windows7-x64

Portable_x...to.xml

windows10-2004-x64

Portable_x...ng.xml

windows7-x64

Portable_x...ng.xml

windows10-2004-x64

Portable_x...ae.xml

windows7-x64

Portable_x...ae.xml

windows10-2004-x64

Portable_x...re.xml

windows7-x64

Portable_x...re.xml

windows10-2004-x64

Portable_x...rs.xml

windows7-x64

Portable_x...rs.xml

windows10-2004-x64

Portable_x...go.xml

windows7-x64

Portable_x...go.xml

windows10-2004-x64

Analysis

max time kernel
436s
max time network
440s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
22-08-2024 12:15

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Portable_x32_x64.zip

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral2

Sample

Portable_x32_x64.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral3

Sample

Portable_x32_x64/Data/Language.pimx

Resource

win7-20240704-en

discovery

windows7-x64

6 signatures

600 seconds

Behavioral task

behavioral4

Sample

Portable_x32_x64/Data/Language.pimx

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral5

Sample

Portable_x32_x64/Data/Main.ini

Resource

win7-20240705-en

windows7-x64

1 signatures

600 seconds

Behavioral task

behavioral6

Sample

Portable_x32_x64/Data/Main.ini

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral7

Sample

Portable_x32_x64/Data/Packaged/Main.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral8

Sample

Portable_x32_x64/Data/Packaged/Main.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral9

Sample

Portable_x32_x64/Data/Packaged/Resource.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral10

Sample

Portable_x32_x64/Data/Packaged/Resource.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral11

Sample

Portable_x32_x64/Data/Packaged/Utils.xml

Resource

win7-20240729-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral12

Sample

Portable_x32_x64/Data/Packaged/Utils.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral13

Sample

Portable_x32_x64/Setup.exe

Resource

win7-20240708-en

discovery

windows7-x64

1 signatures

600 seconds

Behavioral task

behavioral14

Sample

Portable_x32_x64/Setup.exe

Resource

win10v2004-20240802-en

rhadamanthys discovery stealer

windows10-2004-x64

8 signatures

600 seconds

Behavioral task

behavioral15

Sample

Portable_x32_x64/msvcp140.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral16

Sample

Portable_x32_x64/msvcp140.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral17

Sample

Portable_x32_x64/res/cravats/broachOneill/badju.wsf

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral18

Sample

Portable_x32_x64/res/cravats/broachOneill/badju.wsf

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral19

Sample

Portable_x32_x64/res/cravats/broachOneill/bestinkSonarsBuzzed.xml

Resource

win7-20240705-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral20

Sample

Portable_x32_x64/res/cravats/broachOneill/bestinkSonarsBuzzed.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral21

Sample

Portable_x32_x64/res/cravats/broachOneill/busto.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral22

Sample

Portable_x32_x64/res/cravats/broachOneill/busto.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral23

Sample

Portable_x32_x64/res/cravats/broachOneill/gabblerTinderyBeaming.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral24

Sample

Portable_x32_x64/res/cravats/broachOneill/gabblerTinderyBeaming.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral25

Sample

Portable_x32_x64/res/cravats/broachOneill/hebrewsNae.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral26

Sample

Portable_x32_x64/res/cravats/broachOneill/hebrewsNae.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral27

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/baluchKenlore.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral28

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/baluchKenlore.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral29

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/ecuadorCapers.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral30

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/ecuadorCapers.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral31

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/fungo.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral32

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/fungo.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Report Analysis Logs

General

Target

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/ecuadorCapers.xml
Size

42KB
MD5

7411966ba263e7ebaa428c782fe9fc45
SHA1

8b3bee6e129a04255f2b31bbc336524123fb1262
SHA256

8c85e34d186c96a65990d7b2c0b47c261fd7da381679c604a30937cae07be62f
SHA512

329a494d2cdf57aabb91938625338552986a914e813ced0994ee78185a5a2ee05f1b4c7790b07516da1039f99bb20d2e241b2fee28a56611099d0a97b54e424c
SSDEEP

768:AbcR03Pbz/Lw+HqmaNkIZ8kfCEDW22I1Iea4OytHKegD:TMPMMqJNNBP21ea4JKD

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Portable_x32_x64\res\cravats\broachOneill\shaleDashikiBajoire\ecuadorCapers.xml"
1⤵
PID:1132

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1132-0-0x00007FFDF5B90000-0x00007FFDF5BA0000-memory.dmp

Filesize
64KB

Download
memory/1132-1-0x00007FFE35BAD000-0x00007FFE35BAE000-memory.dmp

Filesize
4KB

Download
memory/1132-2-0x00007FFE35B10000-0x00007FFE35D05000-memory.dmp

Filesize
2.0MB

Download
memory/1132-3-0x00007FFE35B10000-0x00007FFE35D05000-memory.dmp

Filesize
2.0MB

Download