7fba58c6b7591e50c4471a69a3c478714cb4d39ecd75765958f2b70f9122c0de | Triage

Submit
Reports

Overview

overview

Static

static

1.exe

windows7-x64

1.exe

windows10-2004-x64

ClientPlugin.dll

windows7-x64

1

ClientPlugin.dll

windows10-2004-x64

1

NanoCore.exe

windows7-x64

3

NanoCore.exe

windows10-2004-x64

3

Payload.exe

windows7-x64

7

Payload.exe

windows10-2004-x64

7

PluginCompiler.exe

windows7-x64

3

PluginCompiler.exe

windows10-2004-x64

3

ServerPlugin.dll

windows7-x64

1

ServerPlugin.dll

windows10-2004-x64

1

System.Dat...te.dll

windows7-x64

1

System.Dat...te.dll

windows10-2004-x64

1

client.exe

windows7-x64

client.exe

windows10-2004-x64

x64/SQLite...op.dll

windows7-x64

1

x64/SQLite...op.dll

windows10-2004-x64

1

x86/SQLite...op.dll

windows7-x64

3

x86/SQLite...op.dll

windows10-2004-x64

3

Analysis

max time kernel
93s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
23-12-2024 20:12

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1.exe

Resource

win7-20240903-en

nanocore discovery evasion keylogger persistence spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1.exe

Resource

win10v2004-20241007-en

nanocore discovery evasion keylogger persistence spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

ClientPlugin.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

ClientPlugin.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

NanoCore.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

NanoCore.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload.exe

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

PluginCompiler.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

PluginCompiler.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

ServerPlugin.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

ServerPlugin.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

System.Data.SQLite.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

System.Data.SQLite.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

client.exe

Resource

win7-20241023-en

nanocore evasion keylogger spyware stealer trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

client.exe

Resource

win10v2004-20241007-en

nanocore evasion keylogger spyware stealer trojan

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

x64/SQLite.Interop.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

x64/SQLite.Interop.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

x86/SQLite.Interop.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

x86/SQLite.Interop.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

ClientPlugin.dll
Size

19KB
MD5

bdc8945f1d799c845408522e372d1dbd
SHA1

874b7c3c97cc5b13b9dd172fec5a54bc1f258005
SHA256

61e9d5c0727665e9ef3f328141397be47c65ed11ab621c644b5bbf1d67138403
SHA512

4fa0ed4ef66e4c442f5fc628e8bfc8a4f84cb213210643996d9387027edb619c054f6104ac889ae77cece09f0304f95d5f20e14d66847e2d382ef51eecec0962
SSDEEP

192:VYLQui6h6p5WW3tZVTnlYJL/eLYLTr2/C8:VYLQu/6/fKqLYLTR

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ClientPlugin.dll,#1
1⤵
PID:4296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy