Overview

overview

7

Static

static

3

antimicrox...64.exe

windows7-x64

7

antimicrox...64.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...nu.dll

windows7-x64

1

$PLUGINSDI...nu.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

1

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...fo.dll

windows7-x64

1

$PLUGINSDI...fo.dll

windows10-2004-x64

1

bin/Qt5Concurrent.dll

windows7-x64

1

bin/Qt5Concurrent.dll

windows10-2004-x64

1

bin/Qt5Core.dll

windows7-x64

1

bin/Qt5Core.dll

windows10-2004-x64

1

bin/Qt5Gui.dll

windows7-x64

1

bin/Qt5Gui.dll

windows10-2004-x64

1

bin/Qt5Network.dll

windows7-x64

1

bin/Qt5Network.dll

windows10-2004-x64

1

bin/Qt5Widgets.dll

windows7-x64

1

bin/Qt5Widgets.dll

windows10-2004-x64

1

bin/SDL2.dll

windows7-x64

1

bin/SDL2.dll

windows10-2004-x64

1

bin/antimicrox.exe

windows7-x64

1

bin/antimicrox.exe

windows10-2004-x64

1

bin/libEGL.dll

windows7-x64

1

bin/libEGL.dll

windows10-2004-x64

1

bin/libcry...64.dll

windows7-x64

1

bin/libcry...64.dll

windows10-2004-x64

1

bin/libgcc...-1.dll

windows7-x64

1

bin/libgcc...-1.dll

windows10-2004-x64

1

bin/libssl...64.dll

windows7-x64

1

bin/libssl...64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2024 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bin/Qt5Concurrent.dll

  • Size

    72KB

  • MD5

    f73eaa63146a4a389c6e12c204c4267a

  • SHA1

    fba96e1c526577154b15a81eba6f9ff1d77efa08

  • SHA256

    bee08138f9087edc8e4161a9a7717aefc948acea015eb5f00cbc3020df40b4b5

  • SHA512

    bbfcb4ba6b4e083a50fd7152d8d9b51b15542c2e26f479d35ce05b2b4b188cfcf60cea93fce8401e1e9748e61be3ad5e17d256fd13391b3b3d730f1d6e7ae370

  • SSDEEP

    1536:vsunFiMbHdlKP1UzWNrwYUkSwd8esXd2Mf2sF9dF/xUfH:0wWNT8esXd2Mf2sF9dFo

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\bin\Qt5Concurrent.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2276 -s 228
      2⤵
        PID:2624

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2276-0-0x000000006A2C0000-0x000000006A2D1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2276-2-0x000007FEFAF90000-0x000007FEFAFA6000-memory.dmp

      Filesize

      88KB

      Download

    • memory/2276-1-0x000007FEFACB0000-0x000007FEFACDC000-memory.dmp

      Filesize

      176KB

      Download

    • memory/2276-3-0x000007FEF7080000-0x000007FEF72D3000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/2276-4-0x0000000068880000-0x0000000068EB9000-memory.dmp

      Filesize

      6.2MB

      Download