Overview

overview

10

Static

static

10

Makala Exe...ox.dll

windows7-x64

1

Makala Exe...ox.dll

windows10-2004-x64

1

Makala Exe...I2.dll

windows7-x64

1

Makala Exe...I2.dll

windows10-2004-x64

1

Makala Exe...er.exe

windows7-x64

10

Makala Exe...er.exe

windows10-2004-x64

10

Makala Exe...UI.dll

windows7-x64

1

Makala Exe...UI.dll

windows10-2004-x64

1

Makala Exe...no.dll

windows7-x64

1

Makala Exe...no.dll

windows10-2004-x64

1

Makala Exe...64.dll

windows7-x64

1

Makala Exe...64.dll

windows10-2004-x64

1

Makala Exe...64.dll

windows7-x64

1

Makala Exe...64.dll

windows10-2004-x64

1

Makala Exe...sh.dll

windows7-x64

1

Makala Exe...sh.dll

windows10-2004-x64

1

Makala Exe...td.dll

windows7-x64

1

Makala Exe...td.dll

windows10-2004-x64

1

Makala Exe...is.dll

windows7-x64

1

Makala Exe...is.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    74s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    16-12-2024 23:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Makala Executor/bin/libcrypto-3-x64.dll

  • Size

    4.5MB

  • MD5

    be0f6d1d60e149cedaca33a04963e05f

  • SHA1

    b686e1ed9ae47b8ae803a5d9e912b0e631bc4217

  • SHA256

    81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86

  • SHA512

    7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff

  • SSDEEP

    98304:5l+f+Kv6t8y37re39P6k1CPwDvt3uFGCC:/Cyt8yLre39yk1CPwDvt3uFGCC

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Makala Executor\bin\libcrypto-3-x64.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1688 -s 92
      2⤵
        PID:1628
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2884
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x534
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1872

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\Desktop\CompressUndo.xlsx
        Filesize

        12KB

        MD5

        4297aeea9c8ba5d93d3b019efe1b84b8

        SHA1

        82bf467141840898c2f80d531afcbcf6ff6e2df5

        SHA256

        c360ef8cd39d908649d46339aef91b170ee4d8f40ea9734c3f542faffdbf33e6

        SHA512

        40f6d31388f23452568c94d175a773ff13e700397605dc04b6873c94cdfb817a65d68681f49a1f74e57a69eb085cc2ee7d56cff41813ccdda53a0c91f4541e23

        Download Submit

      • C:\Users\Admin\Desktop\ConvertDisconnect.emf
        Filesize

        511KB

        MD5

        465233e949150b9e88fd9ae28558df68

        SHA1

        4499b80d7868570e70f39e99c76ec70b862154dd

        SHA256

        16bf8ff217799a12b7b9ac46abc9735623df1c59563a4a82f3be051efbb3ceb5

        SHA512

        4043541f165cd97a73ba28209729edf4347a9ccf445ffa5457ff0efa36d2a3b983c09dcdf37bbdc1554c97fbdff7b9889f959654009c66fad885849d34721a33

        Download Submit

      • C:\Users\Admin\Desktop\EnterHide.WTV
        Filesize

        255KB

        MD5

        fc6b0bbb2b81f1255084947a185d997f

        SHA1

        71eb6afdbee6db63dea83bacbf50fdda17a90475

        SHA256

        b631ccdbd0624c6da5e6a55f68f35188f2a9cffeafefddda94098298a4bcd3d1

        SHA512

        dc6be9d8226aa10a8af9d496aa6f1a9b742c9d83263b5099ef8036bd985393dbaf841fd57ebf6c04e157f53e8e32f5a65b233051d0dd37422f3367977c6bf433

        Download Submit

      • C:\Users\Admin\Desktop\ExitInitialize.xlsx
        Filesize

        486KB

        MD5

        53bff0d25af74946f1de9ccb95c40a1f

        SHA1

        356a5cd7b2ace82ff6b994963441b34d3804f5e4

        SHA256

        7e9a361a140dbf9cbdce53c8ecb597c508308ded00da96ea428acfa04444fcbc

        SHA512

        6a4113fc9e3e6a6683065b89635bf5739b7c7867e9569be820b81c29e390c9b07fc248a7a3816d0463109362b3c2e8d551595232739aefaa9d5f90ce13c4d4b1

        Download Submit

      • C:\Users\Admin\Desktop\ExportWait.txt
        Filesize

        358KB

        MD5

        05b25a0b706a8785de726e2bdb2c6c7c

        SHA1

        f0c612a1383288da6f1de8f47c7d123bd68d9c04

        SHA256

        97717d71feea3aa46f46517e6d55a31da5de03c7f81c613706478ddbe8a060e0

        SHA512

        31ab7efffbdca44d7a82164e358d72e859af7401cdbe9c9edbea3b0eec2182b6a6dcc5a4223058944246daf86f91e057642caca84ab7b8d74f9633f53360a2b2

        Download Submit

      • C:\Users\Admin\Desktop\NewUnprotect.ini
        Filesize

        998KB

        MD5

        bee3715ba7746792c65de9c10ab67729

        SHA1

        3bad7e8467d86d319d7862a5f8bbec21a74ed933

        SHA256

        034f49058a4b5fe5d8de37d2fa21a6e23b1867622ef8f693a1220471a415ecbd

        SHA512

        b365e954ffef581e9da1dab664a103f0b2dec297d133f139de1b818795d5fb6a7796fdcf7a525661f9c4b77a9a687a6255c1286d22a910041df4407500f88fb9

        Download Submit

      • C:\Users\Admin\Desktop\ProtectImport.pdf
        Filesize

        691KB

        MD5

        76928ed40b9a1cc28fcbb0e379464aca

        SHA1

        cbc26000ff5076818755e2ac1eae6aedfa59ec3f

        SHA256

        8c63648c67514faf4efe418e3735d20edc73a908146e85f08731b052c44a226b

        SHA512

        df03daf3cc53d6687a336bb9d05ff8c294869bf3731c3e74df9e1e893c5aa4624700e32acd88e98dda828f794809568b73312651a46f6ceaac63935245768558

        Download Submit

      • C:\Users\Admin\Desktop\PushRestore.xla
        Filesize

        639KB

        MD5

        925a34832a9e26515cbb46c18d36acd0

        SHA1

        33df28c2361f58c0a5b69b702da8735c151ffeda

        SHA256

        20c531dc555f847221ac22038b431ae7922f2d80d3cbec5ca696320152a4bdf4

        SHA512

        c7b9e6ce298f9bdbf2c2625cbab038836be7973771e4794d69ff95fcf16c955134e48147ee5f100835725f480dd61bf644d992bc154b227bc46b127c9b82ab52

        Download Submit

      • C:\Users\Admin\Desktop\RenameApprove.midi
        Filesize

        409KB

        MD5

        9520f63aae5b4dadc4dff55e66286797

        SHA1

        c54a228710900bd26cfe0b47c16d36b607facf83

        SHA256

        3e72a3f198387bcb8402e9cc6267b4dbd99f6a043902a78becf00deaa08d5d7a

        SHA512

        07acd512c825c96bc4874a5dcf57b4f45a51185d58f20857143e7b22392fd581df32877c06c926413c35a973d943afb3400d71f308d731883a5b2167799cdc14

        Download Submit

      • C:\Users\Admin\Desktop\RevokeCopy.docx
        Filesize

        20KB

        MD5

        d52651e83ded866ff273f5dd46985833

        SHA1

        f54b8b9446bd57a3d3ce648a46baae0eb7cfbcb5

        SHA256

        69df94bb01bb98319b51e4ecf036ab7a8b5455d1c4284b31b38a054aa11457e2

        SHA512

        ac18b3ef53629a2e64494d6d1599df44f93cfe8488130b1e397c90e155c13cceda65636fa06c238291c196602ecf397529b8f87de77cb4916407853286720187

        Download Submit

      • C:\Users\Admin\Desktop\SplitRead.docx
        Filesize

        20KB

        MD5

        b641c44db6d0d0792cfe3b575d03a43b

        SHA1

        67384da790653044700b1359b25f8160c9afcbdd

        SHA256

        208133ca15a462afe0cc914a32bb769fd1f62ddb4b06bffe04f062f5f74e6f42

        SHA512

        1c50d7542ed0bf50f892965d9a54defb1a47d16b516ed0ccee6b84c03162750c314eb885a33894769e14315f68b74cefde737bc3f3b987319d92039086610a7c

        Download Submit

      • C:\Users\Admin\Desktop\StopSelect.xps
        Filesize

        588KB

        MD5

        6454b8beddd6b8e668a5a8c9d21c07fa

        SHA1

        53e15419a26ccb263b251269b4fafe6fbfe0f491

        SHA256

        7eb998452f296399c43b7c80faec53c903d7b2fbd88fd0a5aa8b511ca80602af

        SHA512

        d6507bbdb60ea4ed191640e388a7246a6a60b3bffcf4ef0e8b1f322a1159d422632de35ad5e964106cc093e1a7d9f6e82f4383286796db2736f49108193541d5

        Download Submit

      • C:\Users\Admin\Desktop\SubmitEnable.xlsm
        Filesize

        307KB

        MD5

        894a0ac00a86303ee531b40e423c30bd

        SHA1

        d293817805fa2fe7e13f8d9223320692756b9a03

        SHA256

        f51c7ac747e663e5fd09c7b58e88f79b37f245a4dbaad3432741f90e120d9d70

        SHA512

        afa7ed2cde982bcbf486dc8903286fce7119e5233f3ec026c31204e6ee6faa6a4c2965238732fdf000206e83c069bada3d28b3419e8e80b35b042cc659b2d89c

        Download Submit

      • C:\Users\Admin\Desktop\TestWatch.mpv2
        Filesize

        614KB

        MD5

        7aad6365c8ad6bbdc5175ce659ee652c

        SHA1

        9f72960ec3568489ba2856e27143cf3be2e61ebd

        SHA256

        8b6bcf24773d6f79230855331f2cefa1f542ca0b88e22256bf7ebdba3a7e85bb

        SHA512

        126482729363ba2dd732e485d7c76df57f31398940ba32f65fc07db0634fb025b95be9daa3aad9ef224ff5004ef70ed853724041dd066f6876234d9ddf30b466

        Download Submit

      • C:\Users\Admin\Desktop\UndoRead.zip
        Filesize

        332KB

        MD5

        8bf2364ac1d4cebc3fbbc8c895245158

        SHA1

        ba4cbde97e013d4d9322b185f899ef2fe0375500

        SHA256

        1e5f0a507a6838a6a9b8585c2c6625d1468f8a5bc8eb3a9805b823ff4afa9b3c

        SHA512

        37a7cf05622b382486d13e5a93340b69d8313cde74cedd617fc7600d411a1f4da1de6adb3e2615ab1ca510b842c8ace316a5213589b26c92a7cbebf59d7f258c

        Download Submit

      • C:\Users\Public\Desktop\Adobe Reader 9.lnk
        Filesize

        1KB

        MD5

        28eda8e40e247598945dfcef01373ad6

        SHA1

        06b86e43d50f597b0a53b247ae7ac0d965f93848

        SHA256

        3bc63576f0f82b1e2f5be2ac3f2c02f67efd903ebb850897d27602b63e0953fb

        SHA512

        18229f33b5c1191f2597b41d34e56384393fcdf45dedc4f3d917cdd04260167a70511cf29b7d8646585925d92d5ae8f70590c5421511d790ab8961425be8c424

        Download Submit

      • C:\Users\Public\Desktop\Firefox.lnk
        Filesize

        931B

        MD5

        890c06397a94ac699f2af4263cc01d4a

        SHA1

        4cd98adadbcba82e1c4d716ebbdb2e9058e65cb2

        SHA256

        baed97490463deeac4b9bc7d14a2174c5cd20e2fcacf16102e3a5c11ede499ec

        SHA512

        af542c243175b5e152098fa59ff5ddc09d67f24485365b9f51fd6ff83acb72bf00f20e6d72a9aa26dd8dc7d17f97d68fd3340c70c2a737792f1712707764418d

        Download Submit

      • C:\Users\Public\Desktop\Google Chrome.lnk
        Filesize

        2KB

        MD5

        81cb5d669dbc630480e82abca995984d

        SHA1

        45ff87f4bf2d87a9d31ac062ee7b38edfe763d7f

        SHA256

        d1bfd3f7e48d746821f7bab3584688818e026992bf1f25054d4a1491a615dd89

        SHA512

        7a5319202b4fa539ec5576867e4c665ee2e76c36ae0ff4c5d9cfac1abb09a77e2badd9dce2c8f880d45570746027f9ad72141aab0f707f661d99ecf8b91ace5e

        Download Submit

      • C:\Users\Public\Desktop\VLC media player.lnk
        Filesize

        878B

        MD5

        e1647158f0d01cc985f085404447e9e2

        SHA1

        6d6f9d2042ff9932186ed1925f8963e2e138c555

        SHA256

        3197f3d73914cbc15d093641afca959c47d3a1271181de7d596d864340f6ac62

        SHA512

        851aad1ab7240632e2b82ecef5f12ca0d0f2b81ba9b3743101e38f9a231f4b6aea850bdadeea5fb82a36fe28cd952e1d6bd037200cb934f2af26b0260c0377ca

        Download Submit