Overview

overview

10

Static

static

10

publish/OpenAL32.dll

windows7-x64

1

publish/OpenAL32.dll

windows10-2004-x64

1

publish/Ry...ll.xml

windows7-x64

1

publish/Ry...ll.xml

windows10-2004-x64

1

publish/Ryujinx.exe

windows7-x64

3

publish/Ryujinx.exe

windows10-2004-x64

7

publish/SDL2.dll

windows7-x64

1

publish/SDL2.dll

windows10-2004-x64

1

publish/av...59.dll

windows7-x64

1

publish/av...59.dll

windows10-2004-x64

1

publish/avutil-57.dll

windows7-x64

1

publish/avutil-57.dll

windows10-2004-x64

3

publish/bi...-0.dll

windows7-x64

1

publish/bi...-0.dll

windows10-2004-x64

3

publish/bi...-1.dll

windows7-x64

3

publish/bi...-1.dll

windows10-2004-x64

3

publish/bi...-2.dll

windows7-x64

3

publish/bi...-2.dll

windows10-2004-x64

3

publish/bi...-2.dll

windows7-x64

1

publish/bi...-2.dll

windows10-2004-x64

1

publish/bi...-3.dll

windows7-x64

3

publish/bi...-3.dll

windows10-2004-x64

3

publish/bi...-1.dll

windows7-x64

1

publish/bi...-1.dll

windows10-2004-x64

3

publish/bi...-0.dll

windows7-x64

1

publish/bi...-0.dll

windows10-2004-x64

1

publish/bi...-1.dll

windows7-x64

3

publish/bi...-1.dll

windows10-2004-x64

3

publish/bi...-6.dll

windows7-x64

1

publish/bi...-6.dll

windows10-2004-x64

3

publish/bi...-1.dll

windows7-x64

1

publish/bi...-1.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    79s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-03-2023 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    publish/bin/libfontconfig-1.dll

  • Size

    288KB

  • MD5

    efe9a5ff9d1d6a8cdcb8670d98791b81

  • SHA1

    a0daffc09bb58df32478b69bbc2ceca709d52a70

  • SHA256

    34b4d2804dd5e3e46b6592b9d4e875afca50652f487733545257817b25416f31

  • SHA512

    a3b92c630d95aff0b734b287a04e0b0310c63136100171bb0146f1941d5fe6181d25a084686e7419bbb2e7c08e65fc9e8b4ca0e9a833c35aba2aaf80f40b8b6b

  • SSDEEP

    6144:Y8eYpWtiDDGoO2NKdp9yFArsHGn7Zx1MbF84/:xdWMDDFO2MdpoFAFn7X1MbF84/

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\publish\bin\libfontconfig-1.dll,#1
    1⤵
      PID:3820
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 3820 -s 448
        2⤵
        • Program crash
        PID:1336
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 444 -p 3820 -ip 3820
      1⤵
        PID:1996

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3820-133-0x0000000064F80000-0x0000000064FCE000-memory.dmp
        Filesize

        312KB

        Download
      • memory/3820-134-0x0000000061440000-0x000000006145C000-memory.dmp
        Filesize

        112KB

        Download
      • memory/3820-135-0x0000000068F40000-0x0000000068F86000-memory.dmp
        Filesize

        280KB

        Download
      • memory/3820-136-0x00000000693C0000-0x0000000069473000-memory.dmp
        Filesize

        716KB

        Download
      • memory/3820-137-0x0000000066000000-0x000000006610B000-memory.dmp
        Filesize

        1.0MB

        Download
      • memory/3820-139-0x00000000626C0000-0x00000000626DA000-memory.dmp
        Filesize

        104KB

        Download
      • memory/3820-138-0x0000000064940000-0x0000000064955000-memory.dmp
        Filesize

        84KB

        Download
      • memory/3820-140-0x0000000061600000-0x0000000061712000-memory.dmp
        Filesize

        1.1MB

        Download
      • memory/3820-141-0x0000000068B40000-0x0000000068B80000-memory.dmp
        Filesize

        256KB

        Download
      • memory/3820-142-0x0000000062E80000-0x0000000062E9F000-memory.dmp
        Filesize

        124KB

        Download
      • memory/3820-144-0x00000000649C0000-0x0000000064AE5000-memory.dmp
        Filesize

        1.1MB

        Download
      • memory/3820-143-0x0000000061CC0000-0x0000000061CE8000-memory.dmp
        Filesize

        160KB

        Download
      • memory/3820-145-0x0000000070540000-0x000000007056D000-memory.dmp
        Filesize

        180KB

        Download
      • memory/3820-146-0x000000006FC40000-0x000000006FDA5000-memory.dmp
        Filesize

        1.4MB

        Download
      • memory/3820-147-0x0000000069140000-0x000000006918E000-memory.dmp
        Filesize

        312KB

        Download