Overview
overview
10Static
static
10FastColore...ox.dll
windows7-x64
1FastColore...ox.dll
windows10-2004-x64
1GMap.NET.Core.dll
windows7-x64
1GMap.NET.Core.dll
windows10-2004-x64
1GMap.NET.W...ms.dll
windows7-x64
1GMap.NET.W...ms.dll
windows10-2004-x64
1Guna.UI2.dll
windows7-x64
1Guna.UI2.dll
windows10-2004-x64
1IconExtractor.dll
windows7-x64
1IconExtractor.dll
windows10-2004-x64
1NAudio.dll
windows7-x64
1NAudio.dll
windows10-2004-x64
1Newtonsoft.Json.dll
windows7-x64
1Newtonsoft.Json.dll
windows10-2004-x64
1Plugins/Ac...ws.dll
windows7-x64
1Plugins/Ac...ws.dll
windows10-2004-x64
1Plugins/Chat.dll
windows7-x64
1Plugins/Chat.dll
windows10-2004-x64
1Plugins/Chromium.dll
windows7-x64
1Plugins/Chromium.dll
windows10-2004-x64
1Plugins/Clipboard.dll
windows7-x64
1Plugins/Clipboard.dll
windows10-2004-x64
1Plugins/Cm...ss.dll
windows7-x64
1Plugins/Cm...ss.dll
windows10-2004-x64
1Plugins/Fi...er.dll
windows7-x64
1Plugins/Fi...er.dll
windows10-2004-x64
1Plugins/Fi...er.dll
windows7-x64
1Plugins/Fi...er.dll
windows10-2004-x64
1Plugins/HBrowser.dll
windows7-x64
1Plugins/HBrowser.dll
windows10-2004-x64
1Plugins/HRDP.dll
windows7-x64
1Plugins/HRDP.dll
windows10-2004-x64
1Analysis
-
max time kernel
92s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
28-01-2025 10:53
Behavioral task
behavioral1
Sample
FastColoredTextBox.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
FastColoredTextBox.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
GMap.NET.Core.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
GMap.NET.Core.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
GMap.NET.WindowsForms.dll
Resource
win7-20241023-en
Behavioral task
behavioral6
Sample
GMap.NET.WindowsForms.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Guna.UI2.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
Guna.UI2.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
IconExtractor.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
IconExtractor.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
NAudio.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
NAudio.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Newtonsoft.Json.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Newtonsoft.Json.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Plugins/ActiveWindows.dll
Resource
win7-20241010-en
Behavioral task
behavioral16
Sample
Plugins/ActiveWindows.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Plugins/Chat.dll
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
Plugins/Chat.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Plugins/Chromium.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
Plugins/Chromium.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Plugins/Clipboard.dll
Resource
win7-20241023-en
Behavioral task
behavioral22
Sample
Plugins/Clipboard.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Plugins/Cmstp-Bypass.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
Plugins/Cmstp-Bypass.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Plugins/FileManager.dll
Resource
win7-20241010-en
Behavioral task
behavioral26
Sample
Plugins/FileManager.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Plugins/FilesSearcher.dll
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
Plugins/FilesSearcher.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Plugins/HBrowser.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
Plugins/HBrowser.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Plugins/HRDP.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Plugins/HRDP.dll
Resource
win10v2004-20241007-en
General
-
Target
Plugins/HRDP.dll
-
Size
1.7MB
-
MD5
f27b6e8cf5afa8771c679b7a79e11a08
-
SHA1
6c3fcf45e35aaf6b747f29a06108093c284100da
-
SHA256
4aa18745a5fddf7ec14adaff3ad1b4df1b910f4b6710bf55eb27fb3942bb67de
-
SHA512
0d84966bbc9290b04d2148082563675ec023906d58f5ba6861c20542271bf11be196d6ab24e48372f339438204bd5c198297da98a19fddb25a3df727b5aafa33
-
SSDEEP
24576:3rKxoVT2iXc+IZ++6WiaTAsN/3ebTvK+63CWH8iA/iD2hgPjcC8SVdKumYr7:WHZ5pdqYH8ia6GcKuR7
Malware Config
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request123.136.73.23.in-addr.arpaIN PTRResponse123.136.73.23.in-addr.arpaIN PTRa23-73-136-123deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request209.205.72.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request75.159.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request5.114.82.104.in-addr.arpaIN PTRResponse5.114.82.104.in-addr.arpaIN PTRa104-82-114-5deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request58.55.71.13.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request154.239.44.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request56.163.245.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request15.164.165.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request136.136.73.23.in-addr.arpaIN PTRResponse136.136.73.23.in-addr.arpaIN PTRa23-73-136-136deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request145.136.73.23.in-addr.arpaIN PTRResponse145.136.73.23.in-addr.arpaIN PTRa23-73-136-145deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request23.236.111.52.in-addr.arpaIN PTRResponse
-
72 B 137 B 1 1
DNS Request
123.136.73.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
209.205.72.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
75.159.190.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
5.114.82.104.in-addr.arpa
-
70 B 144 B 1 1
DNS Request
58.55.71.13.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
154.239.44.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
56.163.245.4.in-addr.arpa
-
72 B 146 B 1 1
DNS Request
15.164.165.52.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
136.136.73.23.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
145.136.73.23.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
23.236.111.52.in-addr.arpa