9d1bdbf2d7b18f5cc380da85751468dea9f052f187ef136531d5bd48d723adae

Submit
Reports

Overview

overview

Static

static

EXTERNAL/L...al.exe

windows7-x64

EXTERNAL/L...al.exe

windows10-2004-x64

EXTERNAL/R...ol.exe

windows7-x64

EXTERNAL/R...ol.exe

windows10-2004-x64

EXTERNAL/R...gs.vbs

windows7-x64

EXTERNAL/R...gs.vbs

windows10-2004-x64

EXTERNAL/R...er.exe

windows7-x64

EXTERNAL/R...er.exe

windows10-2004-x64

$PLUGINSDI...ne.dll

windows7-x64

$PLUGINSDI...ne.dll

windows10-2004-x64

$PLUGINSDI...ip.dll

windows7-x64

$PLUGINSDI...ip.dll

windows10-2004-x64

$PLUGINSDIR/INetC.dll

windows7-x64

$PLUGINSDIR/INetC.dll

windows10-2004-x64

$PLUGINSDI...er.dll

windows7-x64

$PLUGINSDI...er.dll

windows10-2004-x64

$PLUGINSDI...on.dll

windows7-x64

$PLUGINSDI...on.dll

windows10-2004-x64

$PLUGINSDI...er.exe

windows7-x64

$PLUGINSDI...er.exe

windows10-2004-x64

$PLUGINSDI...ls.dll

windows7-x64

$PLUGINSDI...ls.dll

windows10-2004-x64

$PLUGINSDI...en.dll

windows7-x64

$PLUGINSDI...en.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

$PLUGINSDI...fo.dll

windows7-x64

$PLUGINSDI...fo.dll

windows10-2004-x64

$PLUGINSDI...p.html

windows7-x64

$PLUGINSDI...p.html

windows10-2004-x64

$PLUGINSDI...x.html

windows7-x64

$PLUGINSDI...x.html

windows10-2004-x64

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-02-2025 14:12

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

4 signatures

Behavioral task

behavioral1

Sample

EXTERNAL/L-External.exe

Resource

win7-20241010-en

bootkit defense_evasion persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

EXTERNAL/L-External.exe

Resource

win10v2004-20250217-en

bootkit defense_evasion persistence privilege_escalation trojan

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral3

Sample

EXTERNAL/Requirements/Defender Control/Defender Control.exe

Resource

win7-20241010-en

defense_evasion discovery evasion trojan upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral4

Sample

EXTERNAL/Requirements/Defender Control/Defender Control.exe

Resource

win10v2004-20250217-en

discovery upx

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral5

Sample

EXTERNAL/Requirements/Defender Control/Defender_Settings.vbs

Resource

win7-20241010-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

EXTERNAL/Requirements/Defender Control/Defender_Settings.vbs

Resource

win10v2004-20250217-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

EXTERNAL/Requirements/OverwolfInstaller.exe

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

EXTERNAL/Requirements/OverwolfInstaller.exe

Resource

win10v2004-20250217-en

discovery persistence privilege_escalation

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/CommandLine.dll

Resource

win7-20250207-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/CommandLine.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/DotNetZip.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/DotNetZip.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

$PLUGINSDIR/INetC.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

$PLUGINSDIR/INetC.dll

Resource

win10v2004-20250217-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/Microsoft.Win32.TaskScheduler.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/Microsoft.Win32.TaskScheduler.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

$PLUGINSDIR/Newtonsoft.Json.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

$PLUGINSDIR/Newtonsoft.Json.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

$PLUGINSDIR/OWInstaller.exe

Resource

win7-20240903-en

discovery

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral20

Sample

$PLUGINSDIR/OWInstaller.exe

Resource

win10v2004-20250217-en

persistence privilege_escalation

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral21

Sample

$PLUGINSDIR/OverWolf.Client.CommonUtils.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

$PLUGINSDIR/OverWolf.Client.CommonUtils.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

$PLUGINSDIR/SharpRaven.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

$PLUGINSDIR/SharpRaven.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20250217-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win7-20241010-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win10v2004-20250217-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

$PLUGINSDIR/app/cmp.html

Resource

win7-20241010-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral30

Sample

$PLUGINSDIR/app/cmp.html

Resource

win10v2004-20250217-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral31

Sample

$PLUGINSDIR/app/index.html

Resource

win7-20240903-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

$PLUGINSDIR/app/index.html

Resource

win10v2004-20250217-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/OverWolf.Client.CommonUtils.dll
Size

655KB
MD5

9562911e11231c09a4d420378c286f64
SHA1

a093e50dfb3cd7b71265d20c78c6182857ea518f
SHA256

c44259feeeae0f009deeffe5b83ed7e72727b8c409c7b62ef6ecb7b24b78b12a
SHA512

6cc6baeb2ca726856c7ba4cfe5a9bf247584a28470dd0de3794274883693d6a0efe922af492e487beae21b53198413e61596ad0e70d448c92acdb06dd9143e5d
SSDEEP

12288:0IqDIwxYNuTcAfimX8j4iXB/DVpyT8yRHRu:pwllX4RG86Ru

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\OverWolf.Client.CommonUtils.dll,#1
1⤵
PID:2684

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads