Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    05-01-2025 01:31

General

  • Target

    Loader/likodi/SmiEngine.dll.mui

  • Size

    169B

  • MD5

    a0db1f60834e4cc834d87ce05449e86d

  • SHA1

    5ad5350876f587ad738c6337aadcca27933d9fc4

  • SHA256

    0d8f35e8bdb5d7b9e705745c3d53e5ad009af47ecec5d05c73ae7196e2944ca2

  • SHA512

    630acfbae48e16210b61b05dae1b494d7afaaf9977a5367e6f7bf157b731ea67707012b8eb0ad56fa5b5b24c6ade610b10ddd1a96d240ea71487fe1ef8caf4ac

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Loader\likodi\SmiEngine.dll.mui
    1⤵
    • Modifies registry class
    PID:4436
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1664

Network

MITRE ATT&CK Enterprise v15
