Overview

overview

8

Static

static

387db3d1b8...24.dll

windows7-x64

8

387db3d1b8...24.dll

windows10-2004-x64

8

Analysis

  • max time kernel
    91s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 09:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524.dll

  • Size

    284KB

  • MD5

    822dfc2cb2f04a40daf371c289f7eaf0

  • SHA1

    d3e09ce0d9893b7e60220bb24b72a20ddff2324d

  • SHA256

    387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524

  • SHA512

    95b0de971c2b5d21ed3258ce71aa5b083d39fe4a9aa0f159159dde9a6c54bd813787ea0952700baa3b275c12b994cc1748f73f9951a8c5d6eb4179ed7ae797bc

  • SSDEEP

    6144:CPkegtQUar+vmt06eWA2MIIo96680ln90:CAiUY+Oa2jIK6o30

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3464
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\387db3d1b82c9077120503db5bbd95eb4e8722805b410451d325712ea7de1524.dll,#1
      2⤵
        PID:652

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/652-133-0x00000000022D0000-0x00000000022DD000-memory.dmp

            Filesize

            52KB

            Download

          • memory/652-136-0x00000000022D0000-0x00000000022DD000-memory.dmp

            Filesize

            52KB

            Download

          • memory/652-137-0x00000000022D0000-0x00000000022DD000-memory.dmp

            Filesize

            52KB

            Download

          • memory/652-138-0x00000000022D0000-0x00000000022DD000-memory.dmp

            Filesize

            52KB

            Download

          • memory/652-139-0x00000000022D6000-0x00000000022DC000-memory.dmp

            Filesize

            24KB

            Download

          • memory/652-140-0x00000000022D1000-0x00000000022D6000-memory.dmp

            Filesize

            20KB

            Download