Overview

overview

7

Static

static

3

cache-monk....7.exe

windows11-21h2-x64

7

$PLUGINSDI...er.dll

windows11-21h2-x64

3

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ll.dll

windows11-21h2-x64

3

natives_blob.js

windows11-21h2-x64

3

osmesa.dll

windows11-21h2-x64

3

resources/electron.js

windows11-21h2-x64

3

resources/elevate.exe

windows11-21h2-x64

3

swiftshade...GL.dll

windows11-21h2-x64

3

swiftshade...v2.dll

windows11-21h2-x64

3

CacheMonkey.exe

windows11-21h2-x64

1

LICENSES.c...m.html

windows11-21h2-x64

3

VkICD_mock_icd.dll

windows11-21h2-x64

1

VkLayer_co...on.dll

windows11-21h2-x64

1

VkLayer_ob...er.dll

windows11-21h2-x64

1

VkLayer_pa...on.dll

windows11-21h2-x64

1

VkLayer_threading.dll

windows11-21h2-x64

1

VkLayer_un...ts.dll

windows11-21h2-x64

1

d3dcompiler_47.dll

windows11-21h2-x64

1

ffmpeg.dll

windows11-21h2-x64

1

libEGL.dll

windows11-21h2-x64

1

libGLESv2.dll

windows11-21h2-x64

1

natives_blob.js

windows11-21h2-x64

3

osmesa.dll

windows11-21h2-x64

1

resources/electron.js

windows11-21h2-x64

3

resources/elevate.exe

windows11-21h2-x64

3

swiftshade...GL.dll

windows11-21h2-x64

1

swiftshade...v2.dll

windows11-21h2-x64

1

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

Uninstall ...ey.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    439s
  • max time network
    444s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23-10-2024 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    swiftshader/libEGL.dll

  • Size

    114KB

  • MD5

    6719a302e5ee98c64264ac961c95c9e5

  • SHA1

    3969f86ec9469436ea340135a27d340fb2e3cea3

  • SHA256

    d1d47f5026e762499da49cfda86cf6aca7c2d9f653f60445911eb31c9ace476f

  • SHA512

    0cbe10057a26323e233cbcb5bc231be86cffe0be552756969796b3092a5ec38a09d1c596042d334a17c2d7fc54a95bff18d4a61a9b9ddfe55d0549c99b2ddd52

  • SSDEEP

    3072:Nhmt4D7bdooFwVY1WLCHbRoNX3LfUkIW:m+DfGoV1LH+UO

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\swiftshader\libEGL.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1052
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\swiftshader\libEGL.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads