63ce1d90d0fc261f2b5daa7d7c96c265c4a758e0e1ea4e7a915f9e0d92c332a5 | Triage

Submit
Reports

Overview

overview

Static

static

Plugins/WinLock.exe

windows7-x64

8

Plugins/WinLock.exe

windows10-2004-x64

8

Plugins/Wi...ld.exe

windows7-x64

8

Plugins/Wi...ld.exe

windows10-2004-x64

8

Plugins/ethminer.exe

windows7-x64

1

Plugins/ethminer.exe

windows10-2004-x64

1

Stub/Client.exe

windows7-x64

1

Stub/Client.exe

windows10-2004-x64

1

Stub/Criptor.exe

windows7-x64

1

Stub/Criptor.exe

windows10-2004-x64

1

Stub/Loader.exe

windows7-x64

1

Stub/Loader.exe

windows10-2004-x64

1

Stub/net5....fs.exe

windows7-x64

1

Stub/net5....fs.exe

windows10-2004-x64

1

Stub/netco...or.exe

windows7-x64

1

Stub/netco...or.exe

windows10-2004-x64

1

Stub/netco...or.exe

windows7-x64

1

Stub/netco...or.exe

windows10-2004-x64

1

Stub/netco...or.exe

windows7-x64

1

Stub/netco...or.exe

windows10-2004-x64

1

Stub/tempClient.exe

windows7-x64

1

Stub/tempClient.exe

windows10-2004-x64

1

Analysis

max time kernel
92s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10-01-2025 15:51

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Plugins/WinLock.exe

Resource

win7-20240903-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Plugins/WinLock.exe

Resource

win10v2004-20241007-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

Plugins/WinlockBild.exe

Resource

win7-20240903-en

discovery evasion persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral4

Sample

Plugins/WinlockBild.exe

Resource

win10v2004-20241007-en

discovery evasion persistence

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral5

Sample

Plugins/ethminer.exe

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Plugins/ethminer.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Stub/Client.exe

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Stub/Client.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Stub/Criptor.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

Stub/Criptor.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Stub/Loader.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

Stub/Loader.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Stub/net5.0/ref/Obfs.exe

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

Stub/net5.0/ref/Obfs.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Stub/netcoreapp5.0/Obfuscator.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Stub/netcoreapp5.0/Obfuscator.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Stub/netcoreapp5.0/Obfuscator.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Stub/netcoreapp5.0/Obfuscator.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Stub/netcoreapp5.0/ref/Obfuscator.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

Stub/netcoreapp5.0/ref/Obfuscator.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Stub/tempClient.exe

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Stub/tempClient.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Stub/Loader.exe
Size

5KB
MD5

3225ce4873a8b6b94ddea9e18e2445f6
SHA1

6437d33dc2e0eca711d6a80ef9fa87a5dd21a75f
SHA256

679f0abb99cb973e2164b51408f2863091e5dabf3fe7729a8683360a92c69db5
SHA512

fb7bb26572ef0174fc4eb921d286877e176aaecf83057ae862324406d25d3e3c7406f10991fb01ae3924f57c5fa5f8215712e0fba6aa0d68402ef8746bc14eed
SSDEEP

48:6jspjNKjkecyNMF+e9Bz/b986sgamLmTZsFtoJlShKtF:+CEW3+e9BzLslmLm7e

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Stub\Loader.exe
"C:\Users\Admin\AppData\Local\Temp\Stub\Loader.exe"
1⤵
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1720-0-0x00000210DA360000-0x00000210DA368000-memory.dmp

Filesize
32KB

Download
memory/1720-1-0x00007FFD4F043000-0x00007FFD4F045000-memory.dmp

Filesize
8KB

Download

© 2018-2025

Terms | Privacy