Overview

overview

10

Static

static

d75077838f...ad.dll

windows10-2004_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    01-07-2022 17:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d75077838fc33ec2769f958b1035346cd67da083f77a2edaa01375b19ba960b2_payload.dll

  • Size

    872KB

  • MD5

    924b2c4e153f1400390fe2c295deeb01

  • SHA1

    5b78e3f7490209a7915884fdc8ee0d8a38c958fc

  • SHA256

    64ea06acffb3905ff1f7255d45f8f333821bce10f6c40ab8121af72d74706907

  • SHA512

    df10379c44d8cd73dc7e6f7ab1dd3e111f802c5d449e5c4ba9c1d42541e569b52fe87c39409aa8f7f3d00305f1c0992d270447de8f4ff211bb2fb55ef39e2f07

Score
10/10
svcreadyloader

Malware Config

Signatures

  • Detects SVCReady loader 1 IoCs
  • SVCReady

    SVCReady is a malware loader first seen in April 2022.

    loadersvcready
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d75077838fc33ec2769f958b1035346cd67da083f77a2edaa01375b19ba960b2_payload.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d75077838fc33ec2769f958b1035346cd67da083f77a2edaa01375b19ba960b2_payload.dll,#1
      2⤵
        PID:2984

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2984-130-0x0000000000000000-mapping.dmp

      Download

    • memory/2984-131-0x0000000000800000-0x00000000008DE000-memory.dmp

      Filesize

      888KB

      Download

    • memory/2984-132-0x0000000000800000-0x00000000008DE000-memory.dmp

      Filesize

      888KB

      Download

    • memory/2984-136-0x0000000000530000-0x0000000000536000-memory.dmp

      Filesize

      24KB

      Download