Overview

overview

10

Static

static

10

Assets/D3D...re.dll

windows7-x64

1

Assets/D3D...re.dll

windows10-2004-x64

1

Assets/D3D...se.dll

windows7-x64

3

Assets/D3D...se.dll

windows10-2004-x64

3

Assets/D3D...32.dll

windows7-x64

1

Assets/D3D...32.dll

windows10-2004-x64

1

NL.exe

windows7-x64

8

NL.exe

windows10-2004-x64

8

Plugin/1.exe

windows7-x64

3

Plugin/1.exe

windows10-2004-x64

3

Plugin/10.exe

windows7-x64

3

Plugin/10.exe

windows10-2004-x64

3

Plugin/2.exe

windows7-x64

3

Plugin/2.exe

windows10-2004-x64

3

Plugin/3.exe

windows7-x64

3

Plugin/3.exe

windows10-2004-x64

3

Plugin/4.exe

windows7-x64

3

Plugin/4.exe

windows10-2004-x64

3

Plugin/5.exe

windows7-x64

3

Plugin/5.exe

windows10-2004-x64

3

Plugin/6.exe

windows7-x64

3

Plugin/6.exe

windows10-2004-x64

3

Plugin/7.exe

windows7-x64

1

Plugin/7.exe

windows10-2004-x64

1

Plugin/8.exe

windows7-x64

3

Plugin/8.exe

windows10-2004-x64

3

Plugin/9.exe

windows7-x64

3

Plugin/9.exe

windows10-2004-x64

3

Plugin/Andex.exe

windows7-x64

3

Plugin/Andex.exe

windows10-2004-x64

3

Plugin/Duck.exe

windows7-x64

3

Plugin/Duck.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-01-2025 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugin/9.exe

  • Size

    469KB

  • MD5

    1a018036c48b4cd8e0c7d1a7ebea06a9

  • SHA1

    8ec946a133f07bf62754caddf3a884020f430f8d

  • SHA256

    45aa36d007d27ca8e9659cd004a98f048b232161202553da643c4d1df3427459

  • SHA512

    a8a8cbb9a1bfbdbe610bcde92d49674ee155d11fb6992dcd74551926fb3c1d8c2eebc773655638f785079961129cc9112718f2d4764812bbca9f085d3d7bd79a

  • SSDEEP

    12288:BceD9uB+caeL5rWxh9FnOl5T3e2Vzdb3Cl9WNNg:BcMzcDL5yxhfnk5TnhVk9m

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\Plugin\9.exe
    "C:\Users\Admin\AppData\Local\Temp\Plugin\9.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4040-0-0x000000007530E000-0x000000007530F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4040-2-0x0000000004CC0000-0x0000000004D5C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4040-1-0x00000000002C0000-0x000000000033C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4040-3-0x00000000053B0000-0x0000000005954000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4040-4-0x0000000004EA0000-0x0000000004F32000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4040-5-0x0000000004DC0000-0x0000000004DCA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4040-6-0x0000000004F40000-0x0000000004F96000-memory.dmp

    Filesize

    344KB

    Download

  • memory/4040-7-0x0000000075300000-0x0000000075AB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4040-8-0x0000000075300000-0x0000000075AB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4040-9-0x000000007530E000-0x000000007530F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4040-10-0x0000000075300000-0x0000000075AB0000-memory.dmp

    Filesize

    7.7MB

    Download