Overview

overview

10

Static

static

10

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

�...��.dll

windows7-x64

8

�...��.dll

windows10-2004-x64

8

�...��.dll

windows7-x64

3

�...��.dll

windows10-2004-x64

3

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

1

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

3

�...��.dll

windows7-x64

3

�...��.dll

windows10-2004-x64

3

�...��.exe

windows7-x64

6

�...��.exe

windows10-2004-x64

6

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

1

�...��.dll

windows7-x64

3

�...��.dll

windows10-2004-x64

1

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

1

�...��.exe

windows7-x64

5

�...��.exe

windows10-2004-x64

5

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

1

�...��.exe

windows7-x64

8

�...��.exe

windows10-2004-x64

8

�...��.dll

windows7-x64

1

�...��.dll

windows10-2004-x64

1

�...��.exe

windows7-x64

8

�...��.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    43s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    27-11-2022 09:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    츨11.27ɫ/츨11.27.dll

  • Size

    7KB

  • MD5

    0bbbca7038095d2ca8eff205bb1c7210

  • SHA1

    af89fc4b2dfbfd0a0ce464a171c78009f7caf1b6

  • SHA256

    3b4869d560062b4ea0edd78fba1d798a403b8749a9b32d323058e7e6416ee53e

  • SHA512

    2870cbf3eb75b3812f502b6ab5adae543349b02eb8e62ec1531d0464c9d475e69d4a9e6773a237dc7616f5754ef255903d976cf7d7a5d55e5b2b5043112595d7

  • SSDEEP

    96:yWf0YDrMtyjnyoSvDilH2tBOMrJQOBdFC+orPT3XAUPVAF6GDTnECt6M7N:5iy+o4DiwBOxO2rr3XHPV26Onf6A

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\츨11.27ɫ\츨11.27.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:956
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\츨11.27ɫ\츨11.27.dll,#1
      2⤵
        PID:280

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/280-54-0x0000000000000000-mapping.dmp
      Download
    • memory/280-55-0x0000000075D01000-0x0000000075D03000-memory.dmp
      Filesize

      8KB

      Download