47b344e77272cdf500331c1d63ae3c231b59c4b6cefbc175bb54c40f30e0ee8a | Triage

Submit
Reports

Overview

overview

Static

static

3

2024 Arnol...ns.exe

windows10-2004-x64

AMMonitori...er.dll

windows10-2004-x64

1

EppManifest.dll

windows10-2004-x64

1

ImagingBase.dll

windows7-x64

1

ImagingBase.dll

windows10-2004-x64

1

MpAsDesc.dll

windows10-2004-x64

1

MpAzSubmit.dll

windows10-2004-x64

1

MpClient.dll

windows7-x64

MpClient.dll

windows10-2004-x64

MpCommu.dll

windows10-2004-x64

1

MpDetours.dll

windows10-2004-x64

1

MpDetoursC...or.dll

windows10-2004-x64

1

MpEvMsg.dll

windows10-2004-x64

1

MpOAV.dll

windows10-2004-x64

1

MpProvider.dll

windows10-2004-x64

1

MpRtp.dll

windows10-2004-x64

1

MpSvc.dll

windows10-2004-x64

1

MsMpCom.dll

windows10-2004-x64

1

MsMpLics.dll

windows10-2004-x64

1

Protection...nt.dll

windows10-2004-x64

1

endpointdlp.dll

windows10-2004-x64

1

Analysis

max time kernel
125s
max time network
134s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 16:27

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024 Arnold Machinery Trial Order Company Profile Specifications.exe

Resource

win10v2004-20240508-en

redline infostealer spyware

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

AMMonitoringProvider.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

EppManifest.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

ImagingBase.dll

Resource

win7-20240419-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

ImagingBase.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

MpAsDesc.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

MpAzSubmit.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

MpClient.dll

Resource

win7-20240508-en

redline infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral9

Sample

MpClient.dll

Resource

win10v2004-20240611-en

redline infostealer spyware

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral10

Sample

MpCommu.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

MpDetours.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

MpDetoursCopyAccelerator.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

MpEvMsg.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

MpOAV.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

MpProvider.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

MpRtp.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

MpSvc.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

MsMpCom.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

MsMpLics.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

ProtectionManagement.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

endpointdlp.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

MpAsDesc.dll
Size

204KB
MD5

ba2b29557ff5f4f3a7a55306d25b8d2b
SHA1

ca5dd5da467c755daa8be068397936c8de41057d
SHA256

5bf78317f21a79e0e6d48d68c30532888a7f5b3b629ef240733befff3619e9a2
SHA512

00b643281b0b49113fc6aa7ff1d234089c184a4080213065d96a13e39fedfc6f066d313469726d373a8c962e730a264226cd682d41f03a2e0ca15e8eb4f5d30e
SSDEEP

6144:vmiTVVmVVV8VVNVVVcVVVxVVVPVVlVVVRVVVtVVWV60jVLVVOVVUVZVVVVVjVVJ/:Nf

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\MpAsDesc.dll,#1
1⤵
PID:4448

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4200,i,13035806169561352434,1332896185314862791,262144 --variations-seed-version --mojo-platform-channel-handle=4120 /prefetch:8
1⤵
PID:3004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy