Overview

overview

7

Static

static

3

3DSimED32c.zip

windows10-1703-x64

1

3DSimED3.exe

windows10-1703-x64

7

3DSmdBinExport.dll

windows10-1703-x64

3

3DSmdBinImport.dll

windows10-1703-x64

3

3dsimed3.chm

windows10-1703-x64

3

AsCorsaExport.dll

windows10-1703-x64

1

AsCorsaImport.dll

windows10-1703-x64

1

AsCorsaLODExport.dll

windows10-1703-x64

1

ColladaExport.dll

windows10-1703-x64

3

ColladaImport.dll

windows10-1703-x64

1

DirtTrackImport.dll

windows10-1703-x64

3

F1-2015Import.dll

windows10-1703-x64

1

F1-2016Import.dll

windows10-1703-x64

1

F1-2017Import.dll

windows10-1703-x64

1

FBXExport.dll

windows10-1703-x64

3

FBXImport.dll

windows10-1703-x64

3

FVAImport.dll

windows10-1703-x64

3

ForzaApexImport.dll

windows10-1703-x64

1

FvaCarImport.dll

windows10-1703-x64

3

Grid2019.dll

windows10-1703-x64

1

NetKarExport.dll

windows10-1703-x64

3

NetKarImport.dll

windows10-1703-x64

3

NkoImport.dll

windows10-1703-x64

3

SketchUpExport.dll

windows10-1703-x64

1

SketchUpImport.dll

windows10-1703-x64

3

TDU1Import.dll

windows10-1703-x64

3

WaveObjExport.dll

windows10-1703-x64

3

_rgbmap.tga

windows10-1703-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    164s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    13/07/2023, 13:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    TDU1Import.dll

  • Size

    262KB

  • MD5

    1dc5fba9d605022f295ff283b79576a8

  • SHA1

    c88fa21cb50260d88de02481b5f3a041a4555ad5

  • SHA256

    4d5885241d0ae8d2a6ce0f140b64f20f3abd934dd72c0d93e42b3eb6f111c488

  • SHA512

    d1bcfb6bea15b2ff21ee1a9caa79a77a85a741038b6b8a3bcfcbcbdf3f6efa314c0d351fa4bd3789341d919a574e4ab991bf0d9d3e1c8b1c3b7063d49a968d1a

  • SSDEEP

    3072:Ovtd0TdftkFe2P0Msd9ntGCutiMVZCX6GAGB72ApTEONNjrRNBN2WN2Ag0FujUER:Ovr0QTYftmtBLCXgixNjtFN2AOoejDz

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\TDU1Import.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4924
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\TDU1Import.dll,#1
      2⤵
        PID:320
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 320 -s 620
          3⤵
          • Program crash
          PID:4984

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads