9c4dbf2cc6c32c8758338271c02a242a0f1a2b43793bbfec12ee670d8af0e7b1

Submit
Reports

Overview

overview

Static

static

yilu_win64/init.bat

windows7-x64

yilu_win64/init.bat

windows10-2004-x64

yilu_win64...ce.exe

windows7-x64

yilu_win64...ce.exe

windows10-2004-x64

yilu_win64/start.bat

windows7-x64

yilu_win64/start.bat

windows10-2004-x64

yilu_win64/stop.bat

windows7-x64

yilu_win64/stop.bat

windows10-2004-x64

yilu_win64...CL.dll

windows7-x64

yilu_win64...CL.dll

windows10-2004-x64

yilu_win64...ta.exe

windows7-x64

yilu_win64...ta.exe

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...-0.dll

windows10-2004-x64

yilu_win64...40.dll

windows7-x64

yilu_win64...40.dll

windows10-2004-x64

yilu_win64...te.exe

windows7-x64

yilu_win64...te.exe

windows10-2004-x64

yilu_win64...40.dll

windows7-x64

yilu_win64...40.dll

windows10-2004-x64

yilu_win64...80.dll

windows7-x64

yilu_win64...80.dll

windows10-2004-x64

Analysis

max time kernel
121s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25-12-2024 19:51

Sharing

Copy URL

Twitter E-mail

Static task

static1

miner xmrig

3 signatures

Behavioral task

behavioral1

Sample

yilu_win64/init.bat

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

yilu_win64/init.bat

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

yilu_win64/mservice.exe

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

yilu_win64/mservice.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

yilu_win64/start.bat

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

yilu_win64/start.bat

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

yilu_win64/stop.bat

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

yilu_win64/stop.bat

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

yilu_win64/work/protecta/OpenCL.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

yilu_win64/work/protecta/OpenCL.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

yilu_win64/work/protecta/protecta.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

yilu_win64/work/protecta/protecta.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

yilu_win64/work/protecte/api-ms-win-crt-convert-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

yilu_win64/work/protecte/api-ms-win-crt-environment-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

yilu_win64/work/protecte/api-ms-win-crt-filesystem-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

yilu_win64/work/protecte/api-ms-win-crt-heap-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

yilu_win64/work/protecte/api-ms-win-crt-locale-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

yilu_win64/work/protecte/api-ms-win-crt-math-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

yilu_win64/work/protecte/api-ms-win-crt-multibyte-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

yilu_win64/work/protecte/api-ms-win-crt-runtime-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

yilu_win64/work/protecte/api-ms-win-crt-stdio-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

yilu_win64/work/protecte/api-ms-win-crt-string-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

yilu_win64/work/protecte/api-ms-win-crt-time-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

yilu_win64/work/protecte/api-ms-win-crt-utility-l1-1-0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

yilu_win64/work/protecte/msvcp140.dll

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

yilu_win64/work/protecte/msvcp140.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

yilu_win64/work/protecte/protecte.exe

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

yilu_win64/work/protecte/protecte.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

yilu_win64/work/protecte/vcruntime140.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

yilu_win64/work/protecte/vcruntime140.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

yilu_win64/work/protectn/nvrtc-builtins64_80.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

yilu_win64/work/protectn/nvrtc-builtins64_80.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

yilu_win64/work/protecta/protecta.exe
Size

4.2MB
MD5

c26f58bd560a7c3c743b03bfd43d65db
SHA1

f48676b6f25808fbcccacb1bb7dac669fdbf67c3
SHA256

c1abc93fd50dbf419b71534b8d77f390186843ecab21c33808e73fe84cef2079
SHA512

2308a7e4d2899f331bbe66f14c78c2533320965951085b4854c7c1211e81c78757270256f115ffa7d7993862683ff2856764ebfa24f3f288cfbdf7a784f57d31
SSDEEP

98304:zqKd+UB+FiS9HJ9Pzs1r6PIVeVlVzZuEvVsXTkcIAs96cqWxbhfGtj/PvHpWHXj:zhVBMiYHJ9Pzs1rfHs3j

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\yilu_win64\work\protecta\protecta.exe
"C:\Users\Admin\AppData\Local\Temp\yilu_win64\work\protecta\protecta.exe"
1⤵
PID:2900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2900-0-0x0000000000080000-0x0000000000090000-memory.dmp

Filesize
64KB

Download