8e6e83ba1eb2ceb0eddc7e0fd98e1fb775f4809e4acfe8d5e66dadaa806ad2d5 | Triage

Submit
Reports

Overview

overview

Static

static

3

OneDrives.exe

windows7-x64

7

OneDrives.exe

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Bonvivante...29.dll

windows7-x64

1

Bonvivante...29.dll

windows10-2004-x64

1

Lanthanotu...on.dll

windows7-x64

1

Lanthanotu...on.dll

windows10-2004-x64

1

Portliest/...or.dll

windows7-x64

1

Portliest/...or.dll

windows10-2004-x64

1

Analysis

max time kernel
95s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-12-2024 01:29

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

OneDrives.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

OneDrives.exe

Resource

win10v2004-20241007-en

guloader discovery downloader

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

Bonvivanters/Genremaleri/Lifeguards/lang-1029.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Bonvivanters/Genremaleri/Lifeguards/lang-1029.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Lanthanotus95/Inlayed/Hovedvagts/completion.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

Lanthanotus95/Inlayed/Hovedvagts/completion.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Portliest/Blokadegreb/Baandstoppene/DataCollector.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Portliest/Blokadegreb/Baandstoppene/DataCollector.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Portliest/Blokadegreb/Baandstoppene/DataCollector.dll
Size

69KB
MD5

de2e4d3e9c6bfed8c6f10fb486e72f0b
SHA1

a8f9f971a04c54a984f48a373d5ec4883da2ab9d
SHA256

938caaebbe0b590aaae61881be1d0cbc736546e3858ab478f66b0bd119e48961
SHA512

a586e9946ea18084451f00ff02b469b132b492bcb5c7dc5258bff506957edf149d47a2bdcec36dc99f2311d85f0d2e92b6ac6ec987ba6ce750270deae5228024
SSDEEP

1536:xS5EN5Bi4qb3ax0rYm/+rXmjWMNDAILC6rdsBNHeqRGcLp:xS5WW4qb3ax0rYm/+rXmjdGYtrdsBNsG

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Portliest\Blokadegreb\Baandstoppene\DataCollector.dll,#1
1⤵
PID:4824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy