Overview

overview

3

Static

static

Launcher.exe

windows7-x64

1

Launcher.exe

windows10-2004-x64

1

OnlineFix.ini

windows7-x64

1

OnlineFix.ini

windows10-2004-x64

1

OnlineFix.json

windows7-x64

3

OnlineFix.json

windows10-2004-x64

3

OnlineFix64.dll

windows7-x64

1

OnlineFix64.dll

windows10-2004-x64

1

PhotonBridge.dll

windows7-x64

1

PhotonBridge.dll

windows10-2004-x64

1

SDKVersion.txt

windows7-x64

1

SDKVersion.txt

windows10-2004-x64

1

SteamOverlay64.dll

windows7-x64

1

SteamOverlay64.dll

windows10-2004-x64

3

baselib.dll

windows7-x64

3

baselib.dll

windows10-2004-x64

3

winmm.dll

windows7-x64

1

winmm.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    41s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    13-12-2022 00:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    baselib.dll

  • Size

    395KB

  • MD5

    03b95098164fff97ea464b856aa6feb8

  • SHA1

    9a45498ca3b030637b2354866489282206e8e923

  • SHA256

    7a910434ea15a4b8e2cbd8dc8890b5656f9a60f538e6d3cadfb09eae9d5e38b1

  • SHA512

    6416cbdad5263c2b2d09e3bd8e5ac9be5244c0bb8499ac88eeecb4dc7f8730dbced3b10d755a5969a315a7239e75812485efc3488bac131eb76c5b39dc300794

  • SSDEEP

    6144:tmLYuq1+dNhJ6d0BNxcHqT4PxAVsyyhcm7vv78sdTW4FYVXplZXVvfBHO:8Yuamvq+GyYoGdu14

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\baselib.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1916 -s 84
      2⤵
      • Program crash
      PID:1376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads