Overview

overview

10

Static

static

7

1/SoftWare.exe

windows7-x64

10

1/SoftWare.exe

windows10-2004-x64

10

1/System.W...ni.dll

windows7-x64

1

1/System.W...ni.dll

windows10-2004-x64

3

1/agcore.dll

windows7-x64

3

1/agcore.dll

windows10-2004-x64

3

1/binfmts/...le.dll

windows7-x64

3

1/binfmts/...le.dll

windows10-2004-x64

3

1/binfmts/...le.dll

windows7-x64

3

1/binfmts/...le.dll

windows10-2004-x64

3

1/binfmts/...en_get

ubuntu-22.04-amd64

1

1/binfmts/...n_post

ubuntu-22.04-amd64

1

1/binfmts/...en_get

ubuntu-24.04-amd64

1/binfmts/...n_post

ubuntu-24.04-amd64

1/binfmts/...en_get

ubuntu-24.04-amd64

1

1/binfmts/...n_post

ubuntu-22.04-amd64

1

1/binfmts/...en_get

ubuntu-22.04-amd64

1/binfmts/...n_post

ubuntu-22.04-amd64

1/binfmts/...t.html

windows7-x64

3

1/binfmts/...t.html

windows10-2004-x64

3

1/binfmts/...inc.js

windows7-x64

3

1/binfmts/...inc.js

windows10-2004-x64

3

1/binfmts/...es.dll

windows7-x64

1

1/binfmts/...es.dll

windows10-2004-x64

1

1/binfmts/...es.dll

windows7-x64

1

1/binfmts/...es.dll

windows10-2004-x64

1

1/binfmts/...xe.dll

windows7-x64

3

1/binfmts/...xe.dll

windows10-2004-x64

3

1/binfmts/...ce.dll

windows7-x64

1

1/binfmts/...ce.dll

windows10-2004-x64

1

1/binfmts/...ll.dll

windows7-x64

1

1/binfmts/...ll.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    165s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2024, 05:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1/binfmts/Shared/xe.dll

  • Size

    616KB

  • MD5

    9abbdab424f66a7f4c395fd8759cef0e

  • SHA1

    d08a1fe1ab2eb09827f26fe493994e8f064c74c8

  • SHA256

    f724575de0ea9ec3cc15a1f10d6a936ef2ec6dd3790d0d1c39dfc1f9d31aece4

  • SHA512

    2583f01afd894330c1e98a57327df14605b19c4baa06beba9f42bb63a0831f669bf495fc91c16041cd882169434a568b09fffa2d5f56edbd2b36fbb6a8ae5ef8

  • SSDEEP

    6144:atkUO5IjISRbo5x88oTPVXU+u/o6XPLFlDxzqKoAMl2FrbyOHgNf1UfD2t2BgCcJ:ukU3IBC823SLMkFrzgx1Uyt2mL0eUW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1\binfmts\Shared\xe.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1\binfmts\Shared\xe.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads