Overview

overview

4

Static

static

PencilCry.exe

windows7_x64

4

PencilCry.exe

windows10_x64

1

Analysis

  • max time kernel
    303s
  • max time network
    361s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    05/11/2021, 10:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PencilCry.exe

  • Size

    658KB

  • MD5

    c564bd5efd4a6d3af67e716914b994a4

  • SHA1

    adcb25f8a8942d9e4f0a355eef1037e9458432b8

  • SHA256

    77ec792277dc21124e9db5776d3a36a4a65edc1f8d2ab5b0a7af19db051e4381

  • SHA512

    6bc7a0b28f73191476fa34abdc07e6cdd7dce43baba3f590bb6f00853dbdbba5b49580f47dd44d2ea9321988ec7474414438155f444dbc0431877ea39b36838b

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\PencilCry.exe
    "C:\Users\Admin\AppData\Local\Temp\PencilCry.exe"
    1⤵
      PID:3804
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:2780

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3804-118-0x0000000000A30000-0x0000000000A31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3804-120-0x0000000005A00000-0x0000000005A01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3804-121-0x0000000005500000-0x0000000005501000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3804-122-0x00000000055C0000-0x00000000055C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3804-123-0x0000000005500000-0x00000000059FE000-memory.dmp

        Filesize

        5.0MB

        Download

      • memory/3804-124-0x0000000005500000-0x00000000059FE000-memory.dmp

        Filesize

        5.0MB

        Download