Analysis
max time kernel: 93s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 16-11-2024 01:15
Behavioral tasks
behavioral1: capesolo-0.4.11/CAPEsolo/analyzer.py (resource: win7-20241010-en)
behavioral2: capesolo-0.4.11/CAPEsolo/analyzer.py (resource: win10v2004-20241007-en)
behavioral3: capesolo-0.4.11/CAPEsolo/bin/PPLinject.exe (resource: win7-20240903-en)
behavioral4: capesolo-0.4.11/CAPEsolo/bin/PPLinject.exe (resource: win10v2004-20241007-en)
behavioral5: capesolo-0.4.11/CAPEsolo/bin/PPLinject64.exe (resource: win7-20241010-en)
behavioral6: capesolo-0.4.11/CAPEsolo/bin/PPLinject64.exe (resource: win10v2004-20241007-en)
behavioral7: capesolo-0.4.11/CAPEsolo/bin/autoit3.exe (resource: win7-20240903-en)
behavioral8: capesolo-0.4.11/CAPEsolo/bin/autoit3.exe (resource: win10v2004-20241007-en)
behavioral9: capesolo-0.4.11/CAPEsolo/bin/file.exe (resource: win7-20240903-en)
behavioral10: capesolo-0.4.11/CAPEsolo/bin/file.exe (resource: win10v2004-20241007-en)
behavioral11: capesolo-0.4.11/CAPEsolo/bin/loader.exe (resource: win7-20240903-en)
behavioral12: capesolo-0.4.11/CAPEsolo/bin/loader.exe (resource: win10v2004-20241007-en)
behavioral13: capesolo-0.4.11/CAPEsolo/bin/loader_x64.exe (resource: win7-20241023-en)
behavioral14: capesolo-0.4.11/CAPEsolo/bin/loader_x64.exe (resource: win10v2004-20241007-en)
behavioral15: capesolo-0.4.11/CAPEsolo/bin/psexec.exe (resource: win7-20241010-en)
behavioral16: capesolo-0.4.11/CAPEsolo/bin/psexec.exe (resource: win10v2004-20241007-en)
behavioral17: capesolo-0.4.11/CAPEsolo/bin/signtool.exe (resource: win7-20240903-en)
behavioral18: capesolo-0.4.11/CAPEsolo/bin/signtool.exe (resource: win10v2004-20241007-en)
behavioral19: capesolo-0.4.11/CAPEsolo/capelib/behavior.py (resource: win7-20240903-en)
behavioral20: capesolo-0.4.11/CAPEsolo/capelib/behavior.py (resource: win10v2004-20241007-en)
behavioral21: capesolo-0.4.11/CAPEsolo/capelib/cape_utils.py (resource: win7-20240903-en)
behavioral22: capesolo-0.4.11/CAPEsolo/capelib/cape_utils.py (resource: win10v2004-20241007-en)
behavioral23: capesolo-0.4.11/CAPEsolo/capelib/logtbl.py (resource: win7-20241010-en)
behavioral24: capesolo-0.4.11/CAPEsolo/capelib/logtbl.py (resource: win10v2004-20241007-en)
behavioral25: capesolo-0.4.11/CAPEsolo/capelib/netlog.py (resource: win7-20240903-en)
behavioral26: capesolo-0.4.11/CAPEsolo/capelib/netlog.py (resource: win10v2004-20241007-en)
behavioral27: capesolo-0.4.11/CAPEsolo/capelib/objects.py (resource: win7-20241010-en)
behavioral28: capesolo-0.4.11/CAPEsolo/capelib/objects.py (resource: win10v2004-20241007-en)
behavioral29: capesolo-0.4.11/CAPEsolo/capelib/parse_pe.py (resource: win7-20240903-en)
behavioral30: capesolo-0.4.11/CAPEsolo/capelib/parse_pe.py (resource: win10v2004-20241007-en)
behavioral31: capesolo-0.4.11/CAPEsolo/capelib/path_utils.py (resource: win7-20240903-en)
behavioral32: capesolo-0.4.11/CAPEsolo/capelib/path_utils.py (resource: win10v2004-20241007-en)
General
Target: capesolo-0.4.11/CAPEsolo/bin/PPLinject64.exe
Size: 161KB
MD5: 98ad00fd997b2fc9811c753a95733b52
SHA1: aca34eabff8de2745a5b131ac3f386a934e96622
SHA256: 30157fe7c671b59de77cc326160b3003cf61dde0c281bd7d7c20fa477039e058
SHA512: 2d3960caf5aedc255f9999862fddfe3dd0ee685f08406984cbccdaf1ca2b031b721ac52bc3edeed31267c8862a50e6f9e0d4a75599c01871369c8cb4fe1c0caa
SSDEEP: 3072:Z3ioDCfmbIMLTOl8frwcOxS95QeCi0fGNEBpe/9tG7/vL5iALc4:NpLil80yOff/M9IiIc
Malware Config
Signatures
Processes
Network