Overview

overview

6

Static

static

1

DPlayer_lv...e4.dll

windows7-x64

3

DPlayer_lv...e4.dll

windows10-2004-x64

3

DPlayer_lv/QtGui4.dll

windows7-x64

3

DPlayer_lv/QtGui4.dll

windows10-2004-x64

3

DPlayer_lv...k4.dll

windows7-x64

3

DPlayer_lv...k4.dll

windows10-2004-x64

3

DPlayer_lv...L4.dll

windows7-x64

1

DPlayer_lv...L4.dll

windows10-2004-x64

1

DPlayer_lv/QtXml4.dll

windows7-x64

3

DPlayer_lv/QtXml4.dll

windows10-2004-x64

3

DPlayer_lv...er.dll

windows7-x64

1

DPlayer_lv...er.dll

windows10-2004-x64

1

DPlayer_lv...54.dll

windows7-x64

1

DPlayer_lv...54.dll

windows10-2004-x64

1

DPlayer_lv...54.dll

windows7-x64

1

DPlayer_lv...54.dll

windows10-2004-x64

1

DPlayer_lv...51.dll

windows7-x64

1

DPlayer_lv...51.dll

windows10-2004-x64

1

DPlayer_lv...ax.dll

windows7-x64

1

DPlayer_lv...ax.dll

windows10-2004-x64

1

DPlayer_lv...te.xml

windows7-x64

1

DPlayer_lv...te.xml

windows10-2004-x64

1

DPlayer_lv...xy.exe

windows7-x64

6

DPlayer_lv...xy.exe

windows10-2004-x64

6

DPlayer_lv...te.xml

windows7-x64

1

DPlayer_lv...te.xml

windows10-2004-x64

1

DPlayer_lv...32.dll

windows7-x64

1

DPlayer_lv...32.dll

windows10-2004-x64

1

DPlayer_lv...g.html

windows7-x64

1

DPlayer_lv...g.html

windows10-2004-x64

1

DPlayer_lv...00.dll

windows7-x64

3

DPlayer_lv...00.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    186s
  • max time network
    223s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-11-2022 01:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DPlayer_lv/file_proxy.exe

  • Size

    1.8MB

  • MD5

    4014851acc2c5d219bc5962d1c7c3a23

  • SHA1

    ccae9357806fe7e072f375c65cee690f5f2a35d0

  • SHA256

    6130d3761d8fb3e244f6262dbceff2e168f0625cf0f22553ae98e06e7c02cd67

  • SHA512

    816cb793b1fd3567a54eb1e1d2c54cd0ab93e556f38ff6fbda39f7caadc41108c110b6c4ecf334c61e0419212815d9a41c1ee3589ef82b5e422a957143995e28

  • SSDEEP

    24576:19aPQwNBvbUwz1HfleFjsrhgJJsGnneZarZeTWMo/buzqZ8bi0T8Vw932FubJ:cBvom1CnXGWLX0TF32Fut

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 1 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DPlayer_lv\file_proxy.exe
    "C:\Users\Admin\AppData\Local\Temp\DPlayer_lv\file_proxy.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:960

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/960-132-0x0000000002F60000-0x000000000305F000-memory.dmp

    Filesize

    1020KB

    Download