Analysis
- max time kernel: 148s
- max time network: 159s
- platform: windows10-ltsc 2021_x64
- resource: win10ltsc2021-20241023-en
- resource tags: arch:x64, arch:x86, image:win10ltsc2021-20241023-en, locale:en-us, os:windows10-ltsc 2021-x64, system
- submitted: 13-11-2024 10:07
Static task: static1

Behavioral task | Sample | Resource
behavioral1 | GDLauncher__2.0.20__win__x64.exe | win10ltsc2021-20241023-en
behavioral2 | $PLUGINSDIR/SpiderBanner.dll | win10ltsc2021-20241023-en
behavioral3 | $PLUGINSDIR/StdUtils.dll | win10ltsc2021-20241023-en
behavioral4 | $PLUGINSDIR/System.dll | win10ltsc2021-20241023-en
behavioral5 | $PLUGINSDIR/WinShell.dll | win10ltsc2021-20241023-en
behavioral6 | GDLauncher.exe | win10ltsc2021-20241023-en
behavioral7 | LICENSES.chromium.html | win10ltsc2021-20241023-en
behavioral8 | d3dcompiler_47.dll | win10ltsc2021-20241023-en
behavioral9 | ffmpeg.dll | win10ltsc2021-20241023-en
behavioral10 | libEGL.dll | win10ltsc2021-20241023-en
behavioral11 | libGLESv2.dll | win10ltsc2021-20241023-en
behavioral12 | owutility.dll | win10ltsc2021-20241023-en
behavioral13 | resources/binaries/core_module.exe | win10ltsc2021-20241023-en
behavioral14 | resources/elevate.exe | win10ltsc2021-20241023-en
behavioral15 | vk_swiftshader.dll | win10ltsc2021-20241023-en
behavioral16 | vulkan-1.dll | win10ltsc2021-20241023-en
behavioral17 | $PLUGINSDIR/nsExec.dll | win10ltsc2021-20241023-en
behavioral18 | $PLUGINSDIR/nsis7z.dll | win10ltsc2021-20241023-en
behavioral19 | $R0/Uninstall GDLauncher.exe | win10ltsc2021-20241023-en
behavioral20 | $PLUGINSDIR/INetC.dll | win10ltsc2021-20241023-en
behavioral21 | $PLUGINSDIR/StdUtils.dll | win10ltsc2021-20241023-en
behavioral22 | $PLUGINSDIR/System.dll | win10ltsc2021-20241023-en
behavioral23 | $PLUGINSDIR/WinShell.dll | win10ltsc2021-20241023-en
behavioral24 | $PLUGINSDIR/nsExec.dll | win10ltsc2021-20241023-en

General
- Target: resources/binaries/core_module.exe
- Size: 40.6MB
- MD5: 0adf3331e34150110edfacd3978db8da
- SHA1: 5a73b7177ec2e977ca2b144e0df6d9d61c21e990
- SHA256: 577d16975eb070055a706043dea10d7d2d60b576f34fc729e40df5703569529d
- SHA512: 4a501c55ac9afc0fb00969a628abc305a4290f77df1af337ea61e0a9ce3627a66f8b86c93b9a41f3323ef20f029ebd936d722358a38876514ef3f8f3200b6053
- SSDEEP: 196608:RSeQbqp2at6MNneItKWZJBFpwK9MmHK/bG5l2k7Iy+r:R6biN6en1KWZdpwK9MgK/bG5l2k7IyY
Malware Config
Signatures
-
Drops file in System32 directory 18 IoCs
Processes: core_module.exe
description | ioc | Process
File opened for modification | C:\Windows\SYSTEM32\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\symbols\exe\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\System32\exe\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\System32\symbols\exe\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\DLL\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\System32\ntdll.pdb | core_module.exe
File opened for modification | C:\Windows\System32\symbols\dll\ntdll.pdb | core_module.exe
File opened for modification | C:\Windows\System32\symbols\DLL\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\dll\ntdll.pdb | core_module.exe
File opened for modification | C:\Windows\System32\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\symbols\DLL\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\System32\DLL\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\symbols\dll\ntdll.pdb | core_module.exe
File opened for modification | C:\Windows\System32\dll\ntdll.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\exe\carbon_app.pdb | core_module.exe
File opened for modification | C:\Windows\System32\kernel32.pdb | core_module.exe
File opened for modification | C:\Windows\SYSTEM32\ntdll.pdb | core_module.exe