Analysis

  • max time kernel
    308s
  • max time network
    347s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64, arch:x86, image:win10-20230220-es, locale:es-es, os:windows10-1703-x64, system, windows
  • submitted
    02-04-2023 17:50

General

  • Target

    Oneshot/libpng16-16.dll

  • Size

    907KB

  • MD5

    e890d2aef08530e587ef9413a8793f7d

  • SHA1

    bba1ecd662b051b50bec3170ee0d61a246186069

  • SHA256

    851fba1d94ed8dbfd19101930958fdb514fb31d9f949d3254333c7929109798f

  • SHA512

    527de55f6b25c991d76333ec7b9366fb2da7be65558c4a2ddde3c46e7c8b468ea437ae74487551ef2a63837b8c2c44c61a079e6648bdbff4b476101ad8e8b254

  • SSDEEP

    24576:0i0xd/62K4Hug7Q75BDzRvUq4Phv9FI+CBlqxe:9KuEJv7I++

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Oneshot\libpng16-16.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4188
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Oneshot\libpng16-16.dll,#1
      2⤵
        PID:4500

Network

MITRE ATT&CK Matrix
