Overview

overview

3

Static

static

3

GTAC-Serve....0.zip

windows7-x64

1

GTAC-Serve....0.zip

windows10-2004-x64

1

Server.exe

windows7-x64

1

Server.exe

windows10-2004-x64

1

mozjs-60_x64.dll

windows7-x64

1

mozjs-60_x64.dll

windows10-2004-x64

1

nspr4_x64.dll

windows7-x64

1

nspr4_x64.dll

windows10-2004-x64

1

resources/...ta.xml

windows7-x64

3

resources/...ta.xml

windows10-2004-x64

1

resources/...ver.js

windows7-x64

3

resources/...ver.js

windows10-2004-x64

3

server.xml

windows7-x64

3

server.xml

windows10-2004-x64

1

Resubmissions

28/03/2025, 09:56

250328-lybnsswnz8 3

28/03/2025, 09:55

250328-lxrcvst1fz 3

Analysis

  • max time kernel
    103s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2025, 09:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/freeroam/meta.xml

  • Size

    154B

  • MD5

    c48e3b6f06707b8cf45c8a9947afd43e

  • SHA1

    0595df5c9b6ab7de8ad62eb51b8f14b4e6ade7f3

  • SHA256

    1e8c0c7de3a5248a737c21747b91aed731b9ac5e63be95a85093d550570af7ed

  • SHA512

    f761aa7c4c112bf67f8f4e6c0acf058c7b2384307b65e4598ff33de3145664f874cea6619a6f7d996c9c752d7fba7584bf7bb70c3c7ab22d361418388410ec87

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\resources\freeroam\meta.xml"
    1⤵
      PID:3208

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3208-0-0x00007FFB5CAF0000-0x00007FFB5CB00000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3208-1-0x00007FFB9CB0D000-0x00007FFB9CB0E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3208-2-0x00007FFB9CA70000-0x00007FFB9CC65000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3208-3-0x00007FFB9CA70000-0x00007FFB9CC65000-memory.dmp

      Filesize

      2.0MB

      Download