Overview

Score  Target                   Platform
8      Static                   static
4      package/Pr...el.exe      windows7-x64
1      package/Pr...el.exe      windows10-2004-x64
1      package/Pr...64.exe      windows7-x64
1      package/Pr...64.exe      windows10-2004-x64
1      package/Pr...ll.dll      windows7-x64
1      package/Pr...ll.dll      windows10-2004-x64
1      package/Pr...64.dll      windows7-x64
8      package/Pr...64.dll      windows10-2004-x64
8      package/Pr...re.dll      windows7-x64
1      package/Pr...re.dll      windows10-2004-x64
1      package/Pr...ix.xml      windows7-x64
1      package/Pr...ix.xml      windows10-2004-x64
1      package/Pr...se.xml      windows7-x64
1      package/Pr...se.xml      windows10-2004-x64
1      package/Pr...80.xml      windows7-x64
1      package/Pr...80.xml      windows10-2004-x64
1      package/Pr...90.xml      windows7-x64
1      package/Pr...90.xml      windows10-2004-x64
1      package/Pr...01.xml      windows7-x64
1      package/Pr...01.xml      windows10-2004-x64
1      package/Pr...ve.xml      windows7-x64
1      package/Pr...ve.xml      windows10-2004-x64
1      package/Pr...et.xml      windows7-x64
1      package/Pr...et.xml      windows10-2004-x64
1      package/Pr...l7.xml      windows7-x64
1      package/Pr...l7.xml      windows10-2004-x64
1      package/Pr...00.xml      windows7-x64
1      package/Pr...00.xml      windows10-2004-x64
1      package/Pr...70.xml      windows7-x64
1      package/Pr...70.xml      windows10-2004-x64
1      package/Pr...90.xml      windows7-x64
1      package/Pr...90.xml      windows10-2004-x64
Analysis

max time kernel: 73s
max time network: 179s
platform: windows10-2004_x64
resource: win10v2004-20220901-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
submitted: 08-10-2022 05:59
Behavioral tasks (sample, resource)

behavioral1: package/Program Files (x86)/ASIO4ALL v2/a4apanel.exe, win7-20220812-en
behavioral2: package/Program Files (x86)/ASIO4ALL v2/a4apanel.exe, win10v2004-20220812-en
behavioral3: package/Program Files (x86)/ASIO4ALL v2/a4apanel64.exe, win7-20220901-en
behavioral4: package/Program Files (x86)/ASIO4ALL v2/a4apanel64.exe, win10v2004-20220812-en
behavioral5: package/Program Files (x86)/ASIO4ALL v2/asio4all.dll, win7-20220812-en
behavioral6: package/Program Files (x86)/ASIO4ALL v2/asio4all.dll, win10v2004-20220901-en
behavioral7: package/Program Files (x86)/ASIO4ALL v2/asio4all64.dll, win7-20220812-en
behavioral8: package/Program Files (x86)/ASIO4ALL v2/asio4all64.dll, win10v2004-20220812-en
behavioral9: package/Program Files (x86)/Common Files/Propellerhead Software/ReWire/ReWire.dll, win7-20220812-en
behavioral10: package/Program Files (x86)/Common Files/Propellerhead Software/ReWire/ReWire.dll, win10v2004-20220901-en
behavioral11: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Informix.xml, win7-20220812-en
behavioral12: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Informix.xml, win10v2004-20220812-en
behavioral13: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Sybase.xml, win7-20220812-en
behavioral14: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Sybase.xml, win10v2004-20220901-en
behavioral15: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as80.xml, win7-20220812-en
behavioral16: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as80.xml, win10v2004-20220812-en
behavioral17: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as90.xml, win7-20220901-en
behavioral18: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as90.xml, win10v2004-20220812-en
behavioral19: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/db2v0801.xml, win7-20220812-en
behavioral20: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/db2v0801.xml, win10v2004-20220812-en
behavioral21: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/hive.xml, win7-20220901-en
behavioral22: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/hive.xml, win10v2004-20220812-en
behavioral23: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/msjet.xml, win7-20220812-en
behavioral24: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/msjet.xml, win10v2004-20220812-en
behavioral25: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/orcl7.xml, win7-20220901-en
behavioral26: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/orcl7.xml, win10v2004-20220812-en
behavioral27: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql2000.xml, win7-20220812-en
behavioral28: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql2000.xml, win10v2004-20220901-en
behavioral29: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql70.xml, win7-20220812-en
behavioral30: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql70.xml, win10v2004-20220812-en
behavioral31: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql90.xml, win7-20220812-en
behavioral32: package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql90.xml, win10v2004-20220812-en
General

Target: package/Program Files (x86)/Common Files/Propellerhead Software/ReWire/ReWire.dll
Size: 1.4MB
MD5: 2f3f103405dec980cfa432ea93f92321
SHA1: 4dc93f9aaba768a9c7d0473168831fe15d48fc85
SHA256: 5b2c3a6727e4d1fcadec1e1ea0fa6055d1d041a52211cc75c2b0330f6a1754df
SHA512: 4f7704bd77e336c11cc96f1dd45e2f4e98d78421b12696b89b887fec17027d543de0964177cc40114edb8c5b16b148ad24bb6e5bc9a09fce23f7daa34db5eb8f
SSDEEP: 24576:uFxEKn67lrLcZNOHMpOn/rG6V0xmPyMbNzb:uo7Fg/pC2xm6yzb
Malware Config

Signatures

Suspicious use of WriteProcessMemory (3 IoCs)

Processes: rundll32.exe
description                        pid   process       target process
PID 3732 wrote to memory of 2032   3732  rundll32.exe  2032 rundll32.exe
PID 3732 wrote to memory of 2032   3732  rundll32.exe  2032 rundll32.exe
PID 3732 wrote to memory of 2032   3732  rundll32.exe  2032 rundll32.exe

Processes

- C:\Windows\system32\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\package\Program Files (x86)\Common Files\Propellerhead Software\ReWire\ReWire.dll",#1
  Signatures: Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe (child of the process above)
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\package\Program Files (x86)\Common Files\Propellerhead Software\ReWire\ReWire.dll",#1
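The three WriteProcessMemory IoCs above are one event seen three times: the 64-bit rundll32.exe host in C:\Windows\system32 (PID 3732) writing into the 32-bit rundll32.exe from C:\Windows\SysWOW64 (PID 2032) that it spawned with the identical DLL and entry point. That is what rundll32 does on x64 Windows when the DLL it is handed is a 32-bit image, so on its own the signature does not indicate injection into a foreign process; the report lists no other signature for this task. The helper below is an added example, not part of this Triage report or of the ReWire or ASIO4ALL software. It encodes that check against the process tree (records constructed from the PIDs, images and command line shown above; the explorer.exe contrast case is invented) and reads the PE Machine field that would confirm the DLL's bitness, demonstrated on a hand-built header rather than the real ReWire.dll, which is not on this page.

```python
"""Triage helper for a 'Suspicious use of WriteProcessMemory' hit whose only
actors are rundll32.exe processes.

Added example; not from the sandbox report, from Triage, or from the ReWire /
ASIO4ALL software. PROCESSES is built from the report's process tree, the
explorer.exe entry is a constructed contrast case, and FAKE_PE32 is a
hand-built header, not the real ReWire.dll.
"""
import re
import struct
from pathlib import PureWindowsPath

# IMAGE_FILE_HEADER.Machine values from the PE/COFF specification.
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664


def pe_machine(data: bytes):
    """Return the COFF Machine field of a PE image, or None if the bytes are
    not a PE file. An I386 DLL is what makes the x64 rundll32 host re-launch
    its SysWOW64 twin, as in the process tree above."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    return struct.unpack_from("<H", data, e_lfanew + 4)[0]


# Constructed minimal PE32 header: DOS header with e_lfanew = 0x40, then the
# PE signature and Machine = 0x014C. Enough for pe_machine(); not loadable.
FAKE_PE32 = (
    b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    + b"PE\0\0" + struct.pack("<H", IMAGE_FILE_MACHINE_I386) + b"\0" * 18
)

# rundll32 <dll>,<entry>; the DLL path is quoted when it contains spaces.
RUNDLL_CMD = re.compile(r'^rundll32(?:\.exe)?\s+"?(?P<dll>.+?)"?,(?P<entry>\S+)$', re.I)


def parse_rundll32(cmdline: str):
    """Return (normalised DLL path, entry point) from a rundll32 command line."""
    m = RUNDLL_CMD.match(cmdline.strip())
    if not m:
        return None
    return m.group("dll").strip().lower(), m.group("entry")


def is_wow64_reexec(parent: dict, child: dict) -> bool:
    """The benign pattern from the report: the 64-bit rundll32 in System32
    spawns the 32-bit rundll32 in SysWOW64 with the same DLL and entry point
    and writes into it while setting the child up."""
    p_img, c_img = PureWindowsPath(parent["image"]), PureWindowsPath(child["image"])
    if {p_img.name.lower(), c_img.name.lower()} != {"rundll32.exe"}:
        return False
    if p_img.parent.name.lower() != "system32" or c_img.parent.name.lower() != "syswow64":
        return False
    if child.get("ppid") != parent["pid"]:
        return False
    target = parse_rundll32(parent["cmdline"])
    return target is not None and target == parse_rundll32(child["cmdline"])


def classify_writes(processes: dict, writes: list) -> list:
    """Label each WriteProcessMemory IoC as (source pid, target pid, verdict)."""
    verdicts = []
    for w in writes:
        src, dst = processes.get(w["pid"]), processes.get(w["target_pid"])
        if src is None or dst is None:
            verdict = "unknown-process"
        elif is_wow64_reexec(src, dst):
            verdict = "benign-wow64-reexec"
        else:
            verdict = "review"  # a cross-process write the WoW64 pattern does not explain
        verdicts.append((w["pid"], w["target_pid"], verdict))
    return verdicts


# Process tree as reported: PIDs, image paths and command line from the report.
REWIRE_CMD = (
    r'rundll32.exe "C:\Users\Admin\AppData\Local\Temp\package\Program Files (x86)'
    r'\Common Files\Propellerhead Software\ReWire\ReWire.dll",#1'
)
PROCESSES = {
    3732: {"pid": 3732, "ppid": None, "image": r"C:\Windows\system32\rundll32.exe", "cmdline": REWIRE_CMD},
    2032: {"pid": 2032, "ppid": 3732, "image": r"C:\Windows\SysWOW64\rundll32.exe", "cmdline": REWIRE_CMD},
    # Constructed contrast case, not in the report: an unrelated process.
    4100: {"pid": 4100, "ppid": 900, "image": r"C:\Windows\explorer.exe", "cmdline": "explorer.exe"},
}
REPORT_WRITES = [{"pid": 3732, "target_pid": 2032}] * 3  # the three IoCs in the report
INJECTION_WRITE = [{"pid": 3732, "target_pid": 4100}]    # constructed: would deserve a look

if __name__ == "__main__":
    print("machine:", hex(pe_machine(FAKE_PE32)))
    for row in classify_writes(PROCESSES, REPORT_WRITES + INJECTION_WRITE):
        print(row)
```

The verdict is deliberately narrow: the parent must be the System32 rundll32, the child the SysWOW64 one, the child's parent PID must match, and both command lines must name the same DLL and entry point. Anything else, including a rundll32 writing into a process it did not start, falls through to "review". To apply pe_machine to the real sample, read the DLL's bytes from disk; a result of 0x014C is the bitness that explains the SysWOW64 child.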
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2032-132-0x0000000000000000-mapping.dmp