Overview

overview

10

Static

static

1

t/SmadHook32.dll

windows10-1703-x64

1

t/Smadav.dat

windows10-1703-x64

3

t/Smadav.exe

windows10-1703-x64

10

t/setupres.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    51s
  • max time network
    177s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    15-02-2023 14:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    t/setupres.dll

  • Size

    75KB

  • MD5

    f1f9e9bd62292768f433c4f894eadb58

  • SHA1

    835aac8aa29b747cd90d44b9fef5683bf0f1f6d9

  • SHA256

    7863ad82f7e1c036e48e928433932177a14670033028b42f44dafeacb40a86a9

  • SHA512

    e59b908e54d162abc2aa2d814b71d1ff62a4d2105d2f22df8e8371b760111de30ca6e4f77e14ccbc2ec49eba3ff1013d023edb9f72c89bada17eaf4558ca669c

  • SSDEEP

    1536:71z1GbzJ50O6ZTVATfXqKtyoR5Lc+CQYsWjcdx6my+F:7tUvyAXqSdo6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\setupres.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4544
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\setupres.dll,#1
      2⤵
        PID:3504
    • C:\Windows\SysWOW64\DllHost.exe
      C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
      1⤵
        PID:3488

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3488-169-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-184-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-183-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-182-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-181-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-180-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-179-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-178-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-177-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-176-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-175-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-174-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-173-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-171-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-172-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3488-170-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-152-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-161-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-138-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-139-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-140-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-141-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-142-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-143-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-144-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-145-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-146-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-147-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-148-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-149-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-150-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-151-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-120-0x0000000000000000-mapping.dmp

        Download

      • memory/3504-153-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-154-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-155-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-156-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-157-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-158-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-159-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-160-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-137-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-162-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-163-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-164-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-165-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-166-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-167-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-168-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-136-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-135-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-134-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-133-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-132-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-130-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-131-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-129-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-128-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-127-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-126-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-125-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-124-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-123-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-122-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download

      • memory/3504-121-0x0000000077340000-0x00000000774CE000-memory.dmp

        Filesize

        1.6MB

        Download