Overview
overview
10Static
static
7Brute.exe
windows7_x64
10Brute.exe
windows10_x64
10Brute.exe
windows10-2004_x64
10Leaf.xNet.dll
windows7_x64
1Leaf.xNet.dll
windows10_x64
6Leaf.xNet.dll
windows10-2004_x64
10Newtonsoft.Json.dll
windows7_x64
1Newtonsoft.Json.dll
windows10_x64
6Newtonsoft.Json.dll
windows10-2004_x64
10Analysis
-
max time kernel
106s -
max time network
148s -
platform
windows10_x64 -
resource
win10-ja-20211208 -
submitted
11-02-2022 07:59
Static task
static1
Behavioral task
behavioral1
Sample
Brute.exe
Resource
win7-ja-20211208
Behavioral task
behavioral2
Sample
Brute.exe
Resource
win10-ja-20211208
Behavioral task
behavioral3
Sample
Brute.exe
Resource
win10v2004-ja-20220113
Behavioral task
behavioral4
Sample
Leaf.xNet.dll
Resource
win7-ja-20211208
Behavioral task
behavioral5
Sample
Leaf.xNet.dll
Resource
win10-ja-20211208
Behavioral task
behavioral6
Sample
Leaf.xNet.dll
Resource
win10v2004-ja-20220113
Behavioral task
behavioral7
Sample
Newtonsoft.Json.dll
Resource
win7-ja-20211208
Behavioral task
behavioral8
Sample
Newtonsoft.Json.dll
Resource
win10-ja-20211208
Behavioral task
behavioral9
Sample
Newtonsoft.Json.dll
Resource
win10v2004-ja-20220112
General
-
Target
Newtonsoft.Json.dll
-
Size
685KB
-
MD5
081d9558bbb7adce142da153b2d5577a
-
SHA1
7d0ad03fbda1c24f883116b940717e596073ae96
-
SHA256
b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
-
SHA512
2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
Malware Config
Signatures
-
Processes:
rundll32.exedescription ioc process Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA rundll32.exe