9e364ccf2384a19973de23c0b730e50a84a250f915e09253e77740baa69eb9bb | Triage

Submit
Reports

Overview

overview

Static

static

Bin1799/Ca...ll.exe

windows7-x64

Bin1799/Ca...ll.exe

windows10-2004-x64

Bin1799/Client.exe

windows7-x64

5

Bin1799/Client.exe

windows10-2004-x64

5

Bin1799/Pl...u.html

windows7-x64

3

Bin1799/Pl...u.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...e.html

windows7-x64

3

Bin1799/Pl...e.html

windows10-2004-x64

3

Bin1799/Pl...E.html

windows7-x64

3

Bin1799/Pl...E.html

windows10-2004-x64

3

Bin1799/Pl...32.exe

windows7-x64

3

Bin1799/Pl...32.exe

windows10-2004-x64

3

Bin1799/Pl...64.exe

windows7-x64

1

Bin1799/Pl...64.exe

windows10-2004-x64

1

Bin1799/Pl...te.exe

windows7-x64

3

Bin1799/Pl...te.exe

windows10-2004-x64

3

Bin1799/Pl...ck.exe

windows7-x64

5

Bin1799/Pl...ck.exe

windows10-2004-x64

5

Bin1799/Pl...de.bat

windows7-x64

Bin1799/Pl...de.bat

windows10-2004-x64

Bin1799/Pl...de.exe

windows7-x64

1

Bin1799/Pl...de.exe

windows10-2004-x64

3

Bin1799/Pl...eo.dll

windows7-x64

1

Bin1799/Pl...eo.dll

windows10-2004-x64

1

Bin1799/Pl...ax.dll

windows7-x64

3

Bin1799/Pl...ax.dll

windows10-2004-x64

3

Bin1799/Pl..._t.dll

windows7-x64

3

Bin1799/Pl..._t.dll

windows10-2004-x64

3

Bin1799/SkinH.dll

windows7-x64

5

Bin1799/SkinH.dll

windows10-2004-x64

5

Analysis

max time kernel
148s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
18-11-2024 09:20

Sharing

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

Bin1799/Cache/Install.exe

Resource

win7-20240903-en

gh0strat purplefox discovery rat rootkit trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Bin1799/Cache/Install.exe

Resource

win10v2004-20241007-en

gh0strat purplefox discovery rat rootkit trojan

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral3

Sample

Bin1799/Client.exe

Resource

win7-20240903-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

Bin1799/Client.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

Bin1799/Plugins/Baidu.html

Resource

win7-20241010-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral6

Sample

Bin1799/Plugins/Baidu.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral7

Sample

Bin1799/Plugins/BaiduE.html

Resource

win7-20240729-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral8

Sample

Bin1799/Plugins/BaiduE.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral9

Sample

Bin1799/Plugins/Gaode.html

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral10

Sample

Bin1799/Plugins/Gaode.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral11

Sample

Bin1799/Plugins/GaodeE.html

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral12

Sample

Bin1799/Plugins/GaodeE.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral13

Sample

Bin1799/Plugins/GetPswd32.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

Bin1799/Plugins/GetPswd32.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

Bin1799/Plugins/GetPswd64.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Bin1799/Plugins/GetPswd64.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Bin1799/Plugins/IPUpdate.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

Bin1799/Plugins/IPUpdate.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

Bin1799/Plugins/PcLock.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

Bin1799/Plugins/PcLock.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Bin1799/Plugins/ShellCode.bat

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral22

Sample

Bin1799/Plugins/ShellCode.bat

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

Bin1799/Plugins/ShellCode.exe

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Bin1799/Plugins/ShellCode.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

Bin1799/Plugins/bPluginVideo.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Bin1799/Plugins/bPluginVideo.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Bin1799/Plugins/mstscax.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

Bin1799/Plugins/mstscax.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

Bin1799/Plugins/termsrv_t.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

Bin1799/Plugins/termsrv_t.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

Bin1799/SkinH.dll

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

Bin1799/SkinH.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Report Analysis Logs

General

Target

Bin1799/Plugins/bPluginVideo.dll
Size

500KB
MD5

72b1f5ab2e745b3ad06f07a4a8d6b5c5
SHA1

a917f45570d05378a64dd07d766f93eab40491d2
SHA256

0e7a76ebaaa4ea07bfd2cffb4be73f4c0c12f7ca2886ff9d980fa343c097a9d1
SHA512

a059c5f1fdf6f13abc751b04201044767a2c7668b076b00d53203123a94b81a3bf05fa7a12c751fafa3ac34a4f8ed4703e527b49cb4ea68b5a4e78bd599fc96c
SSDEEP

12288:kHOrJlp74eNt8Mp2XStzG5jwG0vgzVzXpnHveCQ:JJMeNGMp2CtzNgzVzXpnHveCQ

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Bin1799\Plugins\bPluginVideo.dll,#1
1⤵
PID:724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy