Overview

overview

9

Static

static

9

51新炫�...dm.dll

windows7-x64

8

51新炫�...dm.dll

windows10-2004-x64

1

51新炫�...��.url

windows7-x64

1

51新炫�...��.url

windows10-2004-x64

1

51新炫�...�].exe

windows7-x64

8

51新炫�...�].exe

windows10-2004-x64

8

51新炫�...��.url

windows7-x64

1

51新炫�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    47s
  • max time network
    52s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2022 19:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51新炫舞挂房V喊话器[免费]/dm.dll

  • Size

    816KB

  • MD5

    583c06c7b8167d0c1ddd307bd92701b9

  • SHA1

    da3fb90d46c8e2ecb9c60c5c8c2b258a586f1cb4

  • SHA256

    b1b401c604f58249e268655aea88092b16f0f7806fafdbffb4e3ce0e3be27f17

  • SHA512

    39044dfa676e6f801c3686c41738ab589b8db8e6eef1d3db58031be6bfcbfd3d5ff75e517ae4419f09f40094a092c2701b98e883da12cb1df044b2229b62da0f

  • SSDEEP

    24576:QQgsGEuPrVSu8dMgerKeP01MqflXUkoz2:fgvp3OuYMqfp8

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\51新炫舞挂房V喊话器[免费]\dm.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:960
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\51新炫舞挂房V喊话器[免费]\dm.dll
      2⤵
        PID:956

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/956-55-0x0000000000000000-mapping.dmp
      Download
    • memory/956-56-0x00000000757A1000-0x00000000757A3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/956-57-0x0000000010000000-0x00000000101A7000-memory.dmp
      Filesize

      1.7MB

      Download
    • memory/960-54-0x000007FEFC011000-0x000007FEFC013000-memory.dmp
      Filesize

      8KB

      Download