4fb17ba8b6943800a972385c7fde7e8e45fc4b1a6b6edfb0dcdad3671243f480 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

netdict.exe

windows7-x64

7

netdict.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

temp/modules/addr.dll

windows7-x64

6

temp/modules/addr.dll

windows10-2004-x64

6

temp/modules/auxr.dll

windows7-x64

7

temp/modules/auxr.dll

windows10-2004-x64

7

temp/modul...ct.exe

windows7-x64

3

temp/modul...ct.exe

windows10-2004-x64

3

temp/modul...vr.exe

windows7-x64

3

temp/modul...vr.exe

windows10-2004-x64

3

temp/modul...ll.exe

windows7-x64

3

temp/modul...ll.exe

windows10-2004-x64

3

temp/modules/sign.dll

windows7-x64

3

temp/modules/sign.dll

windows10-2004-x64

3

temp/modul...07.dll

windows7-x64

1

temp/modul...07.dll

windows10-2004-x64

1

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

max time kernel
126s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07-09-2024 05:02

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

netdict.exe

Resource

win7-20240729-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

netdict.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/AccessControl.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/AccessControl.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

temp/modules/addr.dll

Resource

win7-20240903-en

adware discovery stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

temp/modules/addr.dll

Resource

win10v2004-20240802-en

adware discovery stealer

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

temp/modules/auxr.dll

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

temp/modules/auxr.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

temp/modules/netdict.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

temp/modules/netdict.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

temp/modules/netdictsvr.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

temp/modules/netdictsvr.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

temp/modules/shell.exe

Resource

win7-20240729-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

temp/modules/shell.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

temp/modules/sign.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

temp/modules/sign.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

temp/modules/skins/Office2007.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

temp/modules/skins/Office2007.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

新云软件.url

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

新云软件.url

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

temp/modules/skins/Office2007.dll
Size

486KB
MD5

6c81f596bfda0b754e3514a46ee48119
SHA1

bc7f447ca8b41beabf26f9556c58292cf8774d7d
SHA256

fc91fbb7d3e77ebc949873d514679be783c100b352d6737c25d1ef47550145bb
SHA512

b8c9789cb3062a5d670b199e586f6bb126c14da450e2bf874d0f1f36b043db61db77542aca411d5bea4a593564405d81520160043e7fbbea3d0d5b63f991dd15
SSDEEP

12288:IDNw5k4u34yKisgR4Jfi126PbrPzNq3dElPcr1j53dEE:Xk4u3HJVqNEg5NEE

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\temp\modules\skins\Office2007.dll,#1
1⤵
PID:3948

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4408,i,10597648459838880772,16562651767759956329,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:8
1⤵
PID:740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy