8f53c4425f6546c0570e1893297ebc337d01017cc188803e303c53d106ebc501

Submit
Reports

Overview

overview

Static

static

e2f85c3eb2...16.exe

windows7-x64

e2f85c3eb2...16.exe

windows10-2004-x64

$PLUGINSDIR/Math.dll

windows7-x64

$PLUGINSDIR/Math.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

GameVisualPlugin.dll

windows7-x64

GameVisualPlugin.dll

windows10-2004-x64

Mythogenes...in.dll

windows7-x64

Mythogenes...in.dll

windows10-2004-x64

Mythogenes...NE.exe

windows7-x64

Mythogenes...NE.exe

windows10-2004-x64

Mythogenes...em.dll

windows7-x64

Mythogenes...em.dll

windows10-2004-x64

Sellerier/...es.dll

windows7-x64

Sellerier/...es.dll

windows10-2004-x64

Sellerier/...le.dll

windows7-x64

Sellerier/...le.dll

windows10-2004-x64

StartNE.exe

windows7-x64

StartNE.exe

windows10-2004-x64

System.IO....em.dll

windows7-x64

System.IO....em.dll

windows10-2004-x64

System.Tex...es.dll

windows7-x64

System.Tex...es.dll

windows10-2004-x64

System.ValueTuple.dll

windows7-x64

System.ValueTuple.dll

windows10-2004-x64

dbdump.dll

windows7-x64

dbdump.dll

windows10-2004-x64

gmodule-2.0.dll

windows7-x64

gmodule-2.0.dll

windows10-2004-x64

icon-cli.html

windows7-x64

icon-cli.html

windows10-2004-x64

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-12-2024 00:42

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e2f85c3eb27695e55e3377d8695f66791dc80a6cbb7b9b059b365c58b5b49d16.exe

Resource

win7-20240708-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

e2f85c3eb27695e55e3377d8695f66791dc80a6cbb7b9b059b365c58b5b49d16.exe

Resource

win10v2004-20241007-en

guloader discovery downloader persistence

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/Math.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/Math.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

GameVisualPlugin.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

GameVisualPlugin.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/GameVisualPlugin.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/GameVisualPlugin.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/StartNE.exe

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/StartNE.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/System.IO.Compression.FileSystem.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Mythogeneses/Highlandish/Tagalogs/Hulslib114/System.IO.Compression.FileSystem.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Sellerier/System.Text.Encoding.CodePages.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Sellerier/System.Text.Encoding.CodePages.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Sellerier/System.ValueTuple.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Sellerier/System.ValueTuple.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

StartNE.exe

Resource

win7-20241010-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

StartNE.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

System.IO.Compression.FileSystem.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

System.IO.Compression.FileSystem.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

System.Text.Encoding.CodePages.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

System.Text.Encoding.CodePages.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

System.ValueTuple.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

System.ValueTuple.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

dbdump.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

dbdump.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

gmodule-2.0.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

gmodule-2.0.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

icon-cli.html

Resource

win7-20241023-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

icon-cli.html

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Report Analysis Logs

General

Target

System.Text.Encoding.CodePages.dll
Size

849KB
MD5

ced22cb5131040ed68ba36b9cc8f3983
SHA1

fe788dd6ec13a4efb72f0feeb0763c59ff1658e9
SHA256

9fa4c3e42dc29c6358333dac95470275560dff131be064d46356a918a0c933e4
SHA512

c0d53896985111bd69b716334b39e5536744cb7ccd8c7488d33144de61dcb4c8cb7a932aef39ceb56372b861c2fadd823e68a9c453e58621e47d551181951822
SSDEEP

12288:3o47xn7kZQ6kliVreJIHHr0tRYbKr2KtG9VKABC6rPtPrDLpa1HZIhOW:3oK9km6k/IwRYbiBeKGC0D2I4

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\System.Text.Encoding.CodePages.dll,#1
1⤵
PID:1724

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads