e095c09c0839a85ecd84346a853c9c7333c51d1d0080ea41b5cee1f6f897c243

Submit
Reports

Overview

overview

Static

static

malware/1/Setup.exe

windows7-x64

malware/1/Setup.exe

windows10-2004-x64

malware/2/Setup.exe

windows7-x64

malware/2/Setup.exe

windows10-2004-x64

malware/3/...p_.exe

windows7-x64

malware/3/...p_.exe

windows10-2004-x64

malware/4/Setup.exe

windows7-x64

malware/4/Setup.exe

windows10-2004-x64

malware/5/...ls.dll

windows7-x64

malware/5/...ls.dll

windows10-2004-x64

malware/5/...ng.dll

windows7-x64

malware/5/...ng.dll

windows10-2004-x64

malware/5/...nt.dll

windows7-x64

malware/5/...nt.dll

windows10-2004-x64

malware/5/...pt.dll

windows7-x64

malware/5/...pt.dll

windows10-2004-x64

malware/5/...ib.dll

windows7-x64

malware/5/...ib.dll

windows10-2004-x64

malware/5/...ns.dll

windows7-x64

malware/5/...ns.dll

windows10-2004-x64

malware/5/...on.dll

windows7-x64

malware/5/...on.dll

windows10-2004-x64

malware/5/...op.dll

windows7-x64

malware/5/...op.dll

windows10-2004-x64

malware/5/...en.dll

windows7-x64

malware/5/...en.dll

windows10-2004-x64

malware/5/...te.dll

windows7-x64

malware/5/...te.dll

windows10-2004-x64

malware/5/...ty.dll

windows7-x64

malware/5/...ty.dll

windows10-2004-x64

malware/5/...api.js

windows7-x64

malware/5/...api.js

windows10-2004-x64

Analysis

max time kernel
144s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2024, 13:48

Sharing

Copy URL

Twitter E-mail

Static task

static1

vmprotect

2 signatures

Behavioral task

behavioral1

Sample

malware/1/Setup.exe

Resource

win7-20240903-en

bluefox discovery stealer vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

malware/1/Setup.exe

Resource

win10v2004-20241007-en

bluefox discovery stealer vmprotect

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

malware/2/Setup.exe

Resource

win7-20240903-en

vidar 1695 discovery stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

malware/2/Setup.exe

Resource

win10v2004-20241007-en

vidar 1695 discovery stealer

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

malware/3/free_sea_of_thieves_hacks_(esp_.exe

Resource

win7-20241010-en

discovery

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

malware/3/free_sea_of_thieves_hacks_(esp_.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral7

Sample

malware/4/Setup.exe

Resource

win7-20240903-en

vidar 1695 discovery stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

malware/4/Setup.exe

Resource

win10v2004-20241007-en

vidar 1695 discovery stealer

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

malware/5/Data/Plug-ins/root/data/BIBUtils.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

malware/5/Data/Plug-ins/root/data/BIBUtils.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

malware/5/Data/Plug-ins/root/data/CITThreading.dll

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

malware/5/Data/Plug-ins/root/data/CITThreading.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

malware/5/Data/Plug-ins/root/data/CRClient.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

malware/5/Data/Plug-ins/root/data/CRClient.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

malware/5/Data/Plug-ins/root/data/ExtendScript.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

malware/5/Data/Plug-ins/root/data/ExtendScript.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

malware/5/Data/Plug-ins/root/data/JP2KLib.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

malware/5/Data/Plug-ins/root/data/JP2KLib.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

malware/5/Data/Plug-ins/root/data/Microsoft.Expression.Interactions.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

malware/5/Data/Plug-ins/root/data/Microsoft.Expression.Interactions.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

malware/5/Data/Plug-ins/root/data/Newtonsoft.Json.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

malware/5/Data/Plug-ins/root/data/Newtonsoft.Json.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

malware/5/Data/Plug-ins/root/data/SQLite.Interop.dll

Resource

win7-20240708-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

malware/5/Data/Plug-ins/root/data/SQLite.Interop.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

malware/5/Data/Plug-ins/root/data/SharpRaven.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

malware/5/Data/Plug-ins/root/data/SharpRaven.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

malware/5/Data/Plug-ins/root/data/System.Data.SQLite.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

malware/5/Data/Plug-ins/root/data/System.Data.SQLite.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

malware/5/Data/Plug-ins/root/data/System.Windows.Interactivity.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

malware/5/Data/Plug-ins/root/data/System.Windows.Interactivity.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

malware/5/Data/Plug-ins/root/data/api.js

Resource

win7-20241010-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

malware/5/Data/Plug-ins/root/data/api.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

malware/5/Data/Plug-ins/root/data/CITThreading.dll
Size

161KB
MD5

08f8df5b67af0c9e43bae814bdb21eae
SHA1

b6b0608f96f912ed3994147a631b82bd346f13d4
SHA256

8327ba3d80d78ce232be9705484b93fb80142e9bfa0f27f564f9fb87a3f36fed
SHA512

0bc2065f530eacd70413d2456ab610bbededabebc08a3985e819558adab2f4bd86fa630a31522511adda4bbbf53f3ba8dc2a7755107f58be2dd961d44dc619a2
SSDEEP

3072:kJgP/Uzvw5CkjjtOrADecdC8KLiaQsKPfrz0++zQHCB/yBTu:hkzvLojtG+KLiJl3rIYCBqBS

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\malware\5\Data\Plug-ins\root\data\CITThreading.dll,#1
1⤵
PID:4876

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads