033741185e995343ff198919c1eb8602f1f4c925fb4052f13e5ca6f598672ca5

Submit
Reports

Overview

overview

Static

static

HeraklesMT...T2.exe

windows7-x64

HeraklesMT...T2.exe

windows10-2004-x64

HeraklesMT...se.dll

windows7-x64

HeraklesMT...se.dll

windows10-2004-x64

HeraklesMT...32.dll

windows7-x64

HeraklesMT...32.dll

windows10-2004-x64

HeraklesMT...y2.dll

windows7-x64

HeraklesMT...y2.dll

windows10-2004-x64

HeraklesMT...id.dll

windows7-x64

HeraklesMT...id.dll

windows10-2004-x64

HeraklesMT...15.dll

windows7-x64

HeraklesMT...15.dll

windows10-2004-x64

HeraklesMT...lu.dll

windows7-x64

HeraklesMT...lu.dll

windows10-2004-x64

HeraklesMT...lp.dll

windows7-x64

HeraklesMT...lp.dll

windows10-2004-x64

HeraklesMT...32.dll

windows7-x64

HeraklesMT...32.dll

windows10-2004-x64

HeraklesMT...32.dll

windows7-x64

HeraklesMT...32.dll

windows10-2004-x64

HeraklesMT...20.dll

windows7-x64

HeraklesMT...20.dll

windows10-2004-x64

HeraklesMT...0d.dll

windows7-x64

HeraklesMT...0d.dll

windows10-2004-x64

HeraklesMT...00.dll

windows7-x64

HeraklesMT...00.dll

windows10-2004-x64

HeraklesMT...20.dll

windows7-x64

HeraklesMT...20.dll

windows10-2004-x64

HeraklesMT...0d.dll

windows7-x64

HeraklesMT...0d.dll

windows10-2004-x64

HeraklesMT...32.dll

windows7-x64

HeraklesMT...32.dll

windows10-2004-x64

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
02-10-2024 09:28

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

3 signatures

Behavioral task

behavioral1

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/HeraklesMT2.exe

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/HeraklesMT2.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/KernelBase.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/KernelBase.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/MSS32.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/MSS32.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/granny2.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/granny2.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/hid.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/hid.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ijl15.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ijl15.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ilu.dll

Resource

win7-20240903-en

discovery upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ilu.dll

Resource

win10v2004-20240802-en

discovery upx

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imagehlp.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imagehlp.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imm32.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imm32.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/kernel32.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/kernel32.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120d.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120d.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr100.dll

Resource

win7-20240729-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr100.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120d.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120d.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ole32.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ole32.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr100.dll
Size

808KB
MD5

aed6d63cfa5a3ef7021af9c457fee994
SHA1

f6ad746ef520b03df6cf0f5a2512d0df964c4688
SHA256

b4bfa27f677295b00a1df9a7e14db4b75cac2dd41b898d4e9a378eccce3699f0
SHA512

5573b17eb19d13cc96df5d66ef60cc8ff98e1ac9d8582a870ed2befa28ee271fb41741a92aa703234150fceadf4a436d10b8a6518c1816d0c804eb1261650d2d
SSDEEP

24576:C5e4L1vwTowTWqwVeeK7R/myyKgn9IrzOI:C5e4LfUWqAacn9Y

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2716 wrote to memory of 2732	2716	rundll32.exe	30
PID 2716 wrote to memory of 2732	2716	rundll32.exe	30
PID 2716 wrote to memory of 2732	2716	rundll32.exe	30

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\HeraklesMT2Full17082013\HERAKLESMT2FULLPACK\msvcr100.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2716
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2716 -s 80
  2⤵
  PID:2732

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads