Overview

overview

3

Static

static

Halo h.zip

windows10-1703-x64

1

Halo h/Loader.exe

windows10-1703-x64

3

Halo h/Settings.ini

windows10-1703-x64

1

Halo h/bin...ck.dll

windows10-1703-x64

1

Halo h/bin...ck.dll

windows10-1703-x64

1

Halo h/bin/ttnlog.txt

windows10-1703-x64

1

Analysis

  • max time kernel
    1495s
  • max time network
    1587s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-es
  • resource tags

    arch:x64arch:x86image:win10-20220812-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    01-02-2023 23:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Halo h/bin/HaloPC Multihack.dll

  • Size

    43KB

  • MD5

    b31dcfd0f7d2ced3547038100dc1cf90

  • SHA1

    5ffd07c2bbcf10725e1d38f55843ccf18526bc2d

  • SHA256

    c4cd035f2a8e65a8f3a8d5e968e9854bafefd3a2cc7b959d4178da9c977e32cb

  • SHA512

    0442a7d6356404176c552b006d95a0bdb92654e31a1a54403978c4ec9f9d1231b019a1d8bd18b2ba48dd5f46a26d225571265633d7b162e28186c5d1104ec9f2

  • SSDEEP

    768:efhS5AwGs8jSKbqTpjHnNVhQ/biGequ3lSG5qTbdYUOf7O+Uz47q:yY5AwGxbq9NVjqu1SGoKUOfkz47q

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Halo h\bin\HaloPC Multihack.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4676
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Halo h\bin\HaloPC Multihack.dll",#1
      2⤵
        PID:4040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4040-119-0x0000000000000000-mapping.dmp

      Download

    • memory/4040-120-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-121-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-122-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-123-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-124-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-125-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-126-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-127-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-128-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-129-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-130-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-131-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-132-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-133-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-134-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-135-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-136-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-137-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-138-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-139-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-140-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-141-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-142-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-143-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-144-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-145-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-146-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-147-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-148-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-149-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-150-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-151-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-152-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-153-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-154-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-155-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-156-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-157-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-158-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-159-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-160-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-161-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-163-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-164-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-162-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-165-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-166-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-167-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-168-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-169-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-170-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-171-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-172-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/4040-173-0x0000000077210000-0x000000007739E000-memory.dmp

      Filesize

      1.6MB

      Download