Overview

overview

3

Static

static

3

Activacion...er.rar

windows7-x64

3

Activacion...er.rar

windows10-2004-x64

3

Activacion...ro.cmd

windows7-x64

1

Activacion...ro.cmd

windows10-2004-x64

1

Activacion...te.exe

windows7-x64

3

Activacion...te.exe

windows10-2004-x64

1

Activacion...lc.dll

windows7-x64

1

Activacion...lc.dll

windows10-2004-x64

1

Activacion...Me.txt

windows7-x64

1

Activacion...Me.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    28s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 20:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Activacion Windows 10 pro - gameandapp/BIN/slc.dll

  • Size

    6KB

  • MD5

    e2840606372ab67b7107ce757d506c28

  • SHA1

    87c1c645eba6d6a2aa695d4fd2ece5fc5e5568ef

  • SHA256

    37e20a504ade965184d92ed5ca415cde899090a6a20ea3abf8c85ff9648b66f4

  • SHA512

    cf7914a6a8c6d878caeb7f726f86fbdc77d2ea246d9ea600d82a0c66e4154ee0acdbd3ff5949523b35642735d741fde39d177e5d4aff83ea4475ef84e0188ab6

  • SSDEEP

    96:B42g18NxaCRTqVSv6SqjNK03LhxMX7Z1NXSEsAYEiXR2PQ9zy:SQRTYSv6bzxMX7Z1NXSEsSlPky

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Activacion Windows 10 pro - gameandapp\BIN\slc.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2272
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Activacion Windows 10 pro - gameandapp\BIN\slc.dll",#1
      2⤵
        PID:2120

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads