Analysis
max time kernel
31s
max time network
34s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags
arch:x64, arch:x86, image:win10v2004-20230621-en, locale:en-us, os:windows10-2004-x64, system
submitted
30/06/2023, 04:14
Behavioral task
behavioral1
Sample
Bunifu.UI.WinForms.BunifuGradientPanel.dll
Resource
win10v2004-20230621-en
1 signatures
1800 seconds
General
Target
Bunifu.UI.WinForms.BunifuGradientPanel.dll
Size
61KB
MD5
3d622700dc3bcafe8d024c9db5498e2b
SHA1
05195f9aae925b79dcc50abf33b2e19b99979d21
SHA256
ec894ea254b16af35edce401678cb079036a98103550c9384ce99669abe21a31
SHA512
6044f3d3f46e8514a46514b5bcbc82591b1af448591efadd017d31e0c59701df4fc530fa68d60ac05f6557c5507b971a94597928ac6752310414cd44452797e0
SSDEEP
768:KtOa8cFoOYwmObnyWL5xQn/5C6/f5ia2z67ipZdhPOYjgsfHM9oizKgJHIM:Kt9jrbLUBC6H5XM6OpZdh2cxsO+ToM
Score
1/10
Malware Config
Signatures
Suspicious use of FindShellTrayWindow (1 IoCs)
pid   Process
2236  rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1
- Suspicious use of FindShellTrayWindow
PID:2236
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
PID:4312