Overview

overview

7

Static

static

updater.exe

windows10_x64

1

runtimes/w...rp.dll

windows10_x64

1

runtimes/w...re.dll

windows10_x64

1

runtimes/w...me.dll

windows10_x64

1

runtimes/w...v2.dll

windows10_x64

1

runtimes/w...GL.dll

windows10_x64

1

runtimes/w...ef.dll

windows10_x64

1

runtimes/w...v2.dll

windows10_x64

3

runtimes/w...GL.dll

windows10_x64

1

runtimes/w...47.dll

windows10_x64

1

runtimes/w...lf.dll

windows10_x64

1

runtimes/w...rp.dll

windows10_x64

1

runtimes/w...re.dll

windows10_x64

1

runtimes/w...me.dll

windows10_x64

3

runtimes/w...ss.exe

windows10_x64

1

runtimes/w...re.dll

windows10_x64

3

cscppcom.exe

windows10_x64

5

UX Launcher.exe

windows10_x64

7

UX Launcher.dll.exe

windows10_x64

3

Newtonsoft.Json.dll

windows10_x64

1

NUnrar.dll

windows10_x64

1

EO.WebEngine.dll

windows10_x64

1

EO.WebBrowser.dll

windows10_x64

1

EO.Base.dll

windows10_x64

1

CefSharp.Wpf.dll

windows10_x64

1

Analysis

  • max time kernel
    278s
  • max time network
    384s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    18-08-2021 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll

  • Size

    1.4MB

  • MD5

    0233e8f518cb12aba755a987c3748313

  • SHA1

    69b0553a28cddc09f66e246ce443cf7ce1bebf95

  • SHA256

    b98597c67bd11479eebb5b09968c38ac3209212719132e6ddf055f5f46da3866

  • SHA512

    764b480fbf8cd205720b426b3ed83c2e92bb1d8fee75028dedd72abcc983837d01f663cb981c5ed54673c3f1a6aefff7f025adb18b81c0c24d9035553f2adf6b

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\runtimes\win-x86\lib\netcoreapp3.0\CefSharp.Core.Runtime.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\runtimes\win-x86\lib\netcoreapp3.0\CefSharp.Core.Runtime.dll,#1
      2⤵
        PID:3960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3960-117-0x0000000000000000-mapping.dmp

      Download