937c46006e622509af09340233e000490f1294a6122f6d222abd8239c15f3a0c

Submit
Reports

Overview

overview

Static

static

Unlock_App_v1.4.exe

windows11-21h2-x64

langs/H_Hayat_x64.dll

windows11-21h2-x64

langs/Qt5GuiVBox.dll

windows11-21h2-x64

langs/Secu...on.dll

windows11-21h2-x64

langs/VBox...86.dll

windows11-21h2-x64

langs/VBox...86.dll

windows11-21h2-x64

langs/winmm.dll

windows11-21h2-x64

lesseeVari...es.dll

windows11-21h2-x64

locales/re...me.dll

windows11-21h2-x64

locales/re...me.dll

windows11-21h2-x64

locales/re...me.dll

windows11-21h2-x64

locales/re...ro.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...le.dll

windows11-21h2-x64

locales/re...ng.dll

windows11-21h2-x64

Analysis

max time kernel
89s
max time network
96s
platform
windows11-21h2_x64
resource
win11-20241007-es
resource tags

arch:x64arch:x86image:win11-20241007-eslocale:es-esos:windows11-21h2-x64systemwindows
submitted
21-12-2024 21:08

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Unlock_App_v1.4.exe

Resource

win11-20241007-es

windows11-21h2-x64

23 signatures

150 seconds

Behavioral task

behavioral2

Sample

langs/H_Hayat_x64.dll

Resource

win11-20241007-es

persistence privilege_escalation

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

langs/Qt5GuiVBox.dll

Resource

win11-20241023-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

langs/Security-Common.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

langs/VBoxClient-x86.dll

Resource

win11-20241007-es

discovery

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

langs/VBoxProxyStub-x86.dll

Resource

win11-20241007-es

discovery

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

langs/winmm.dll

Resource

win11-20241007-es

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

lesseeVariant/modules.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

locales/resources/Data/Managed/Unity.Postprocessing.Runtime.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

locales/resources/Data/Managed/Unity.RenderPipelines.Core.Runtime.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

locales/resources/Data/Managed/Unity.RenderPipelines.Lightweight.Runtime.dll

Resource

win11-20241023-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

locales/resources/Data/Managed/Unity.TextMeshPro.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

locales/resources/Data/Managed/UnityEngine.AIModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

locales/resources/Data/Managed/UnityEngine.ARModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

locales/resources/Data/Managed/UnityEngine.ClothModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

locales/resources/Data/Managed/UnityEngine.CloudWebServicesModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

locales/resources/Data/Managed/UnityEngine.ClusterInputModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

locales/resources/Data/Managed/UnityEngine.ClusterRendererModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

locales/resources/Data/Managed/UnityEngine.CoreModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

locales/resources/Data/Managed/UnityEngine.CrashReportingModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

locales/resources/Data/Managed/UnityEngine.DirectorModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

locales/resources/Data/Managed/UnityEngine.FacebookModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

locales/resources/Data/Managed/UnityEngine.FileSystemHttpModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

locales/resources/Data/Managed/UnityEngine.GameCenterModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

locales/resources/Data/Managed/UnityEngine.GridModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

locales/resources/Data/Managed/UnityEngine.HotReloadModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

locales/resources/Data/Managed/UnityEngine.IMGUIModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

locales/resources/Data/Managed/UnityEngine.ImageConversionModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

locales/resources/Data/Managed/UnityEngine.InputModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

locales/resources/Data/Managed/UnityEngine.JSONSerializeModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

locales/resources/Data/Managed/UnityEngine.LocalizationModule.dll

Resource

win11-20241007-es

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

locales/resources/Data/Managed/UnityEngine.Networking.dll

Resource

win11-20241023-es

windows11-21h2-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

langs/winmm.dll
Size

4.0MB
MD5

11f756e2fa97d0fb46c2875b11dfde52
SHA1

e0301b76305ae22fbcb043a85871d2f7604c35ac
SHA256

3c0bd30009f4c97bb96742dbb873efc062a111bf6f4a39b808471310628bb42d
SHA512

b9a1c54225871089ae13a87da0e5e3e6f58be054dc2a9018a070e9b950e69abe97dca512d1258c94827b2e192bb6f5dbb1684219247604cd9fa94bf167bc2ca3
SSDEEP

98304:NJ06y8mfFEHhjaZ1m4OiPUDx9oEZmEu/5mGFY/3FP8:zKtIhjq1m4HPUDrEX/Q1/3+

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
4424	rundll32.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4424	rundll32.exe
4424	rundll32.exe

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\langs\winmm.dll,#1
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
PID:4424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4424-0-0x00007FFF0137C000-0x00007FFF015F0000-memory.dmp

Filesize
2.5MB

Download
memory/4424-1-0x00007FFF11090000-0x00007FFF11092000-memory.dmp

Filesize
8KB

Download
memory/4424-2-0x00007FFF01340000-0x00007FFF019E5000-memory.dmp

Filesize
6.6MB

Download
memory/4424-5-0x00007FFF0137C000-0x00007FFF015F0000-memory.dmp

Filesize
2.5MB

Download