1af30897308adc5597a9806f7940202676ed2a32d0b8df87e2f36a2a6b30af22

Submit
Reports

Overview

overview

Static

static

proxy.XmSP...C0.dll

windows10-2004-x64

proxy.XmSP...83.dll

windows7-x64

proxy.XmSP...83.dll

windows10-2004-x64

proxy.XmSP...sg.dll

windows10-2004-x64

proxy.XmSP...ME.dll

windows10-2004-x64

proxy.XmSP...re.dll

windows7-x64

proxy.XmSP...re.dll

windows10-2004-x64

proxy.XmSP...ta.dll

windows7-x64

proxy.XmSP...ta.dll

windows10-2004-x64

proxy.XmSP...UN.exe

windows7-x64

proxy.XmSP...UN.exe

windows10-2004-x64

proxy.XmSP...on.dll

windows10-2004-x64

proxy.XmSP...ne.dll

windows10-2004-x64

proxy.XmSP...ss.dll

windows10-2004-x64

proxy.XmSP...nt.dll

windows10-2004-x64

proxy.XmSP...ib.dll

windows7-x64

proxy.XmSP...ib.dll

windows10-2004-x64

proxy.XmSP...ME.dll

windows10-2004-x64

proxy.XmSP...32.dll

windows10-2004-x64

proxy.XmSP...pi.dll

windows10-2004-x64

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11-10-2024 01:13

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

proxy.XmSProject/0FC343C0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

proxy.XmSProject/B7091C83.dll

Resource

win7-20241010-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

proxy.XmSProject/B7091C83.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

proxy.XmSProject/CbsMsg.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

proxy.XmSProject/DICTS/mshwchtrIME.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

proxy.XmSProject/PresentationCore/PresentationCore.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

proxy.XmSProject/PresentationCore/PresentationCore.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

proxy.XmSProject/PresentationCore/System.Data.dll

Resource

win7-20240708-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

proxy.XmSProject/PresentationCore/System.Data.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

proxy.XmSProject/RUN.exe

Resource

win7-20240903-en

meduza collection discovery spyware stealer

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral11

Sample

proxy.XmSProject/RUN.exe

Resource

win10v2004-20241007-en

meduza collection discovery spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral12

Sample

proxy.XmSProject/mscorlib/SettingsHandlers_InputPersonalization.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

proxy.XmSProject/mscorlib/SettingsHandlers_ManagePhone.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

proxy.XmSProject/mscorlib/SettingsHandlers_WorkAccess.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

proxy.XmSProject/mscorlib/SettingsHandlers_nt.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

proxy.XmSProject/mscorlib/v4.0_4.0.0.0__b77a5c561934e089/mscorlib.dll

Resource

win7-20241010-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

proxy.XmSProject/mscorlib/v4.0_4.0.0.0__b77a5c561934e089/mscorlib.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

proxy.XmSProject/mshwkorrIME.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

proxy.XmSProject/twain_32.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

proxy.XmSProject/wrpintapi.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

proxy.XmSProject/mscorlib/SettingsHandlers_ManagePhone.dll
Size

299KB
MD5

6f186dad5e59ee35373e9c3276a83693
SHA1

e0efa75d1a8c8417b58af954a097d354cf652127
SHA256

47db47684cb533239b5d1ab667e307bdcbeafef4336dddee3ee80b25916d9f7f
SHA512

f5432134057773406b76342af1d16537ba75543919f1f3318ab5d14931e00229fa6d0a56a6647fcde5df9269dba3a5bb840153b8bc156e8295ceb72c69f8bc1f
SSDEEP

3072:RlGIwzVYbiZP4AMWWakLPXnDz1MTvtVrXwszBZNun65Z+vAfODa42jS0lq6xeJaG:nimGZP4A8LVMTvtKszlun6iW7N50Jv

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\proxy.XmSProject\mscorlib\SettingsHandlers_ManagePhone.dll,#1
1⤵
PID:2436

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads