Analysis
max time kernel
31s
max time network
35s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags
arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
submitted
05-09-2022 07:52
Static task
static1
Behavioral task
behavioral1
Sample
GuyletsExternalRidJoinerGui/GuyletsExternalRidJoinerGui.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral2
Sample
GuyletsExternalRidJoinerGui/GuyletsExternalRidJoinerGui.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
GuyletsExternalRidJoinerGui/Newtonsoft.Json.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral4
Sample
GuyletsExternalRidJoinerGui/RID_DLL.dll
Resource
win10v2004-20220901-en
General
Target
GuyletsExternalRidJoinerGui/RID_DLL.dll
Size
16KB
MD5
20c2b7cf987323c6c6785c1869cf7688
SHA1
ae854f58414915d235d695d981aae7f3badf46d8
SHA256
5541bed9488c93006b7eee09c666bf816669159a44e88512cf4e9ee33494af2e
SHA512
176942cb0fb744f18d277ac7bb38fc1f5721aa7ee18d672b86d1eaa30f92f9f58e1813bad4105671c116aef886d3857b03e2fc6ece62dc34932f97ae06d9ad24
SSDEEP
192:bYB/LHgtYS0B0UZkvNuZ/lJh3rKRleg30assgAV20V1DLF5XKJ:bG/LHgtcle6vh3r0leKxF5I
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
pid   process
4788  rundll32.exe
4788  rundll32.exe