Overview

overview

7

Static

static

3

155绿色�...��.url

windows7-x64

1

155绿色�...��.url

windows10-2004-x64

1

GoKuaiSetu...54.exe

windows7-x64

7

GoKuaiSetu...54.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

GoKuai.exe

windows7-x64

6

GoKuai.exe

windows10-2004-x64

6

GoKuaiMenuEx.dll

windows7-x64

3

GoKuaiMenuEx.dll

windows10-2004-x64

3

GoKuaiUpdate.exe

windows7-x64

3

GoKuaiUpdate.exe

windows10-2004-x64

3

Repair.exe

windows7-x64

6

Repair.exe

windows10-2004-x64

7

RunLaunch.exe

windows7-x64

3

RunLaunch.exe

windows10-2004-x64

3

atl100.dll

windows7-x64

3

atl100.dll

windows10-2004-x64

3

bugreport.exe

windows7-x64

3

bugreport.exe

windows10-2004-x64

3

mfc100.dll

windows7-x64

3

mfc100.dll

windows10-2004-x64

3

msvcp100.dll

windows7-x64

3

msvcp100.dll

windows10-2004-x64

3

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

msvcr71.dll

windows7-x64

3

msvcr71.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/09/2024, 22:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GoKuaiSetup_5.2.0.54.exe

  • Size

    3.3MB

  • MD5

    2dd8d9afef48b41bd959a5ffb75cf99f

  • SHA1

    cb2bafc913d9403a0c807001f6376c623596e502

  • SHA256

    2f22660b3e3147fdfcc5e2793864546eb3f9701db24f460fb410dc20aebc0add

  • SHA512

    e5303c43ab8b3ad18d1feee32ef2489679ab668bfe7d6a57b42d3934fa7d03eb9eedfb867b11d192b9e4a4276a01d72b58657ce42d8fdb9c837f56764b6a95dc

  • SSDEEP

    98304:dVoQnA7zR3LZSoajRq/5i3K02UJpAw9l0qGm:dGQnA7V1SoajRai6IAwUqj

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\GoKuaiSetup_5.2.0.54.exe
    "C:\Users\Admin\AppData\Local\Temp\GoKuaiSetup_5.2.0.54.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:4396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nse768A.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse768A.tmp\ioSpecial.ini
    Filesize

    631B

    MD5

    ab8197818670635b0cb16904bfd939b0

    SHA1

    b1f884ce7dc4d46e7a7a198c5ac3f9f019b670ee

    SHA256

    058ceee2b62644719cee8109bbbba5c0d67ea1364ba2c5585ec208a7b5ee6499

    SHA512

    33471f6a44ec0b6a86c1f01ab33149ac69d47742e8b2ed43d2813b56652cbc42036961602dd4e837c9c74eea84422e0662648d763afa0ced5636c202a72f178c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse768A.tmp\ioSpecial.ini
    Filesize

    644B

    MD5

    01e198098113638d54ebed2b851368ed

    SHA1

    43c9d7564ff3d9c5ff27116f3b89a6b5043466e9

    SHA256

    5eacf1a3e654bbb15da8d1956c523229397b60882c779e48d8167493a1a9227d

    SHA512

    cd4ea6b7e998192a118d8e10a3871e69df2c9fda2dc6322c2b48b96d7ebc204c67d5a8b4bc9ce0a88c722bc2a1b5bca4284ec064be54a807338dd64cba93de2d

    Download Submit