e06aa8ce984b22dd80a60c1f818b781b05d1c07facc91fec8637b312a728c145 | Triage

Submit
Reports

Overview

overview

Static

static

7

IMG001.exe

windows10-2004-x64

7

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$R9/NsCpuC...32.exe

windows10-2004-x64

7

$R9/NsCpuC...64.exe

windows10-2004-x64

7

$R9/Plugin...os.dll

windows10-2004-x64

3

$R9/Plugins/inetc.dll

windows10-2004-x64

3

$R9/Plugins/info.zip

windows10-2004-x64

1

info.vbe

windows10-2004-x64

8

$R9/Plugins/tftp.exe

windows10-2004-x64

$R9/Stubs/bzip2.exe

windows10-2004-x64

3

$R9/Stubs/...id.exe

windows10-2004-x64

3

$R9/Stubs/folder.ico

windows10-2004-x64

3

$R9/Stubs/icon.ico

windows10-2004-x64

3

$R9/Stubs/lzma.exe

windows10-2004-x64

3

$R9/Stubs/rar.ico

windows10-2004-x64

3

$R9/Stubs/uninst

windows10-2004-x64

1

$R9/Stubs/zlib.exe

windows10-2004-x64

3

$R9/makensis.exe

windows10-2004-x64

3

$R9/pools.txt

windows10-2004-x64

1

$TEMP/info.zip

windows10-2004-x64

1

info.vbe

windows10-2004-x64

8

$TEMP/tftp.exe

windows10-2004-x64

Analysis

max time kernel
128s
max time network
116s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
07-10-2024 10:43

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

IMG001.exe

Resource

win10v2004-20240802-en

discovery persistence

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/ExecDos.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/inetc.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$R9/NsCpuCNMiner32.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$R9/NsCpuCNMiner64.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$R9/Plugins/ExecDos.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$R9/Plugins/inetc.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$R9/Plugins/info.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

info.vbe

Resource

win10v2004-20240910-en

defense_evasion

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral10

Sample

$R9/Plugins/tftp.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

$R9/Stubs/bzip2.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

$R9/Stubs/bzip2_solid.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

$R9/Stubs/folder.ico

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

$R9/Stubs/icon.ico

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

$R9/Stubs/lzma.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

$R9/Stubs/rar.ico

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

$R9/Stubs/uninst

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

$R9/Stubs/zlib.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

$R9/makensis.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

$R9/pools.txt

Resource

win10v2004-20240910-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

$TEMP/info.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

info.vbe

Resource

win10v2004-20240802-en

defense_evasion

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral23

Sample

$TEMP/tftp.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

$R9/pools.txt
Size

500B
MD5

5137876455f2fd0c032ceed6fdbe49cb
SHA1

a33210e43247b1f04f51a341e5be79f769acc941
SHA256

8689fd11c63754aeabb202d7e1db3e5fe896f4e4e3597d4bfed58950f3110bb9
SHA512

3deef3848e340a0a631a8969ebabfde22a9a5c69a0c2ec2ad7e2e745800a593591f173c5611b573be7ea87261459d97680e85b13da73e39a8aabdfbfc7609761

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\$R9\pools.txt
1⤵
PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy