Overview

overview

10

Static

static

s3negar/documents.lnk

windows7_x64

10

s3negar/documents.lnk

windows10-2004_x64

10

s3negar/s3negar.dll

windows7_x64

3

s3negar/s3negar.dll

windows10-2004_x64

3

Analysis

  • max time kernel
    91s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21/06/2022, 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    s3negar/s3negar.dll

  • Size

    1.6MB

  • MD5

    83f07110df33b070ebe99613a1acda4c

  • SHA1

    c97c747f3cb228ba3b00c0359fea2236070cb910

  • SHA256

    7173bf751a2bf8fb237a7cde943ddedd4e89a2b15b571899c84fbaa87c233e8f

  • SHA512

    0ff98beb21c391a54417b688cc38cdf38374af8ca3b27034a478c307f9f83699cc28babd326965349ee81d722aa341e63dca2157da341f8bceb7b29b69fd6224

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\s3negar\s3negar.dll,#1
    1⤵
      PID:5092
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 5092 -s 336
        2⤵
        • Program crash
        PID:4964
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 432 -p 5092 -ip 5092
      1⤵
        PID:4892

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads