Overview

overview

8

Static

static

7

Oneshot/Da...78.ps1

windows10-1703-x64

3

Oneshot/LAUNCHER.exe

windows10-1703-x64

6

Oneshot/OpenAL32.dll

windows10-1703-x64

1

Oneshot/SDL2.dll

windows10-1703-x64

1

Oneshot/SD...ge.dll

windows10-1703-x64

1

Oneshot/SDL2_ttf.dll

windows10-1703-x64

1

Oneshot/Sm...mu.dll

windows10-1703-x64

1

Oneshot/Sm...64.dll

windows10-1703-x64

1

Oneshot/_R...up.exe

windows10-1703-x64

7

Oneshot/_R...up.exe

windows10-1703-x64

7

Oneshot/_R...st.exe

windows10-1703-x64

6

Oneshot/_R...86.exe

windows10-1703-x64

7

Oneshot/_R...st.msi

windows10-1703-x64

8

Oneshot/_______.exe

windows10-1703-x64

7

Oneshot/li...mt.dll

windows10-1703-x64

3

Oneshot/libbz2.dll

windows10-1703-x64

3

Oneshot/li...-6.dll

windows10-1703-x64

3

Oneshot/li...-1.dll

windows10-1703-x64

3

Oneshot/li...-0.dll

windows10-1703-x64

3

Oneshot/libgmp-10.dll

windows10-1703-x64

3

Oneshot/li...-0.dll

windows10-1703-x64

1

Oneshot/li...-2.dll

windows10-1703-x64

3

Oneshot/libintl-8.dll

windows10-1703-x64

3

Oneshot/libjpeg-9.dll

windows10-1703-x64

3

Oneshot/liblzma-5.dll

windows10-1703-x64

3

Oneshot/libogg-0.dll

windows10-1703-x64

3

Oneshot/libpcre-1.dll

windows10-1703-x64

3

Oneshot/libphysfs.dll

windows10-1703-x64

3

Oneshot/li...-0.dll

windows10-1703-x64

1

Oneshot/li...16.dll

windows10-1703-x64

1

Oneshot/li...-0.dll

windows10-1703-x64

3

Oneshot/li...-6.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    307s
  • max time network
    319s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64arch:x86image:win10-20230220-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    02-04-2023 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Oneshot/libgmp-10.dll

  • Size

    594KB

  • MD5

    f0f28656ed370b0643e825de2458506d

  • SHA1

    d304239a0f384fbe6fcc66a7122f62f3b97adf54

  • SHA256

    a8a99b2b37cc9afd7be06b04faee08698ff4649ec7c3d7dcff21f765e2ee21ec

  • SHA512

    d08326efd216d0c8ad7781644cf265e3679fabe5d3ab155fca9c3339f03af137eea470101f4dc8faf9ad942125a5cd265c062308432cee4f9ec0bce2c6729848

  • SSDEEP

    6144:whYzGB8V57cBNaBWGx/XRUje4Hesx9zTLgq/Tw34XGw1LXjEcZy:IYzG8V57cW1Ee4+sx9zTLgq/Tw3rw53M

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Oneshot\libgmp-10.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4544
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Oneshot\libgmp-10.dll,#1
      2⤵
        PID:4384
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4384 -s 608
          3⤵
          • Program crash
          PID:1708

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4384-116-0x000000006AEC0000-0x000000006AF39000-memory.dmp

      Filesize

      484KB

      Download