Overview

overview

3

Static

static

新建文�...ID.dll

windows7-x64

1

新建文�...ID.dll

windows10-2004-x64

3

新建文�...UX.dll

windows7-x64

1

新建文�...UX.dll

windows10-2004-x64

3

新建文�...ec.exe

windows7-x64

新建文�...ec.exe

windows10-2004-x64

1

新建文�...ge.exe

windows7-x64

1

新建文�...ge.exe

windows10-2004-x64

1

新建文�...ib.dll

windows7-x64

1

新建文�...ib.dll

windows10-2004-x64

1

新建文�...ct.exe

windows7-x64

1

新建文�...ct.exe

windows10-2004-x64

1

新建文�...tr.dll

windows7-x64

1

新建文�...tr.dll

windows10-2004-x64

1

新建文�...ux.dll

windows7-x64

1

新建文�...ux.dll

windows10-2004-x64

3

新建文�...li.dll

windows7-x64

1

新建文�...li.dll

windows10-2004-x64

3

新建文�...ui.dll

windows7-x64

1

新建文�...ui.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    80s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/09/2022, 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    新建文件夹 (3)/bootux.dll

  • Size

    3.8MB

  • MD5

    17173aa0b01a83e90baaaf747aa3547e

  • SHA1

    a7d80f21a89d4f7547a40de44455bc15a73fde7f

  • SHA256

    7f03d100daedc91cd9fee2a91dd6dc9d67142e9dc0e7aedb479cf320b827d1e6

  • SHA512

    6d77a9327320b68923ec3b7ab9c0db18ce63865df486ea4d4ea63034b318ad6074369ff7c446738f3d61c9e6460e57006359f3d3a74ef611888379093c6e53e4

  • SSDEEP

    6144:V+xTJJVyqgBJoyTZNAiLeWoa4xkBqjseh65Ym8WAk14:sNJJYqgBJoyTTAYgOqHh65YmzK

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\新建文件夹 (3)\bootux.dll",#1
    1⤵
      PID:5004
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 5004 -s 560
        2⤵
        • Program crash
        PID:808
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 412 -p 5004 -ip 5004
      1⤵
        PID:2780

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads