Overview
overview: 10
Static
static
ET.lnk, windows7-x64: 10
ET.lnk, windows10-1703-x64: 10
ET.lnk, windows10-2004-x64: 10
developer/...ng.cmd, windows7-x64: 1
developer/...ng.cmd, windows10-1703-x64: 1
developer/...ng.cmd, windows10-2004-x64: 1
developer/inhales.cmd, windows7-x64: 1
developer/inhales.cmd, windows10-1703-x64: 1
developer/inhales.cmd, windows10-2004-x64: 1
developer/...ss.dll, windows7-x64: 3
developer/...ss.dll, windows10-1703-x64: 3
developer/...ss.dll, windows10-2004-x64: 3
Analysis
max time kernel: 77s
max time network: 34s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 08-12-2022 14:49
Static task: static1
Behavioral task: behavioral1, Sample: ET.lnk, Resource: win7-20220812-en
Behavioral task: behavioral2, Sample: ET.lnk, Resource: win10-20220812-en
Behavioral task: behavioral3, Sample: ET.lnk, Resource: win10v2004-20220812-en
Behavioral task: behavioral4, Sample: developer/becoming.cmd, Resource: win7-20220812-en
Behavioral task: behavioral5, Sample: developer/becoming.cmd, Resource: win10-20220812-en
Behavioral task: behavioral6, Sample: developer/becoming.cmd, Resource: win10v2004-20220901-en
Behavioral task: behavioral7, Sample: developer/inhales.cmd, Resource: win7-20220812-en
Behavioral task: behavioral8, Sample: developer/inhales.cmd, Resource: win10-20220901-en
Behavioral task: behavioral9, Sample: developer/inhales.cmd, Resource: win10v2004-20220812-en
Behavioral task: behavioral10, Sample: developer/nevertheless.dll, Resource: win7-20221111-en
Behavioral task: behavioral11, Sample: developer/nevertheless.dll, Resource: win10-20220901-en
Behavioral task: behavioral12, Sample: developer/nevertheless.dll, Resource: win10v2004-20221111-en
General
Target: developer/nevertheless.dll
Size: 209KB
MD5: bc47f431d704a935bdd20d65aceab8df
SHA1: 9729b10dde412058d36636a7522996651aaabe9f
SHA256: 4125a812e9d57cce27ab819705a96634ec91ce23cf7dc2c36e82ba15ec4fe184
SHA512: 96c49bd4204c7501ddc08cc39d0a7930636d22a435501fefa8d8de89a70a568ae74e76afe3575464812555f7ef8f77c31e87cb477cf4cf47a38620b453e84f59
SSDEEP: 6144:s7N2DFx/kYWK4XDfAW2C//+777777Lw9oHMAqLa8F3u8:s5O//r777777LwmqLbF3u8
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid: 268, pid_target: 920, process: WerFault.exe, target process: rundll32.exe

Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description: PID 920 wrote to memory of 268, pid: 920, process: rundll32.exe, target process: WerFault.exe
description: PID 920 wrote to memory of 268, pid: 920, process: rundll32.exe, target process: WerFault.exe
description: PID 920 wrote to memory of 268, pid: 920, process: rundll32.exe, target process: WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/268-54-0x0000000000000000-mapping.dmp