Overview

overview

7

Static

static

3

3DSimED32c.zip

windows10-1703-x64

1

3DSimED3.exe

windows10-1703-x64

7

3DSmdBinExport.dll

windows10-1703-x64

3

3DSmdBinImport.dll

windows10-1703-x64

3

3dsimed3.chm

windows10-1703-x64

3

AsCorsaExport.dll

windows10-1703-x64

1

AsCorsaImport.dll

windows10-1703-x64

1

AsCorsaLODExport.dll

windows10-1703-x64

1

ColladaExport.dll

windows10-1703-x64

3

ColladaImport.dll

windows10-1703-x64

1

DirtTrackImport.dll

windows10-1703-x64

3

F1-2015Import.dll

windows10-1703-x64

1

F1-2016Import.dll

windows10-1703-x64

1

F1-2017Import.dll

windows10-1703-x64

1

FBXExport.dll

windows10-1703-x64

3

FBXImport.dll

windows10-1703-x64

3

FVAImport.dll

windows10-1703-x64

3

ForzaApexImport.dll

windows10-1703-x64

1

FvaCarImport.dll

windows10-1703-x64

3

Grid2019.dll

windows10-1703-x64

1

NetKarExport.dll

windows10-1703-x64

3

NetKarImport.dll

windows10-1703-x64

3

NkoImport.dll

windows10-1703-x64

3

SketchUpExport.dll

windows10-1703-x64

1

SketchUpImport.dll

windows10-1703-x64

3

TDU1Import.dll

windows10-1703-x64

3

WaveObjExport.dll

windows10-1703-x64

3

_rgbmap.tga

windows10-1703-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    164s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    13/07/2023, 13:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3DSmdBinExport.dll

  • Size

    190KB

  • MD5

    0bd3e7a59f7cd355d62e997af8867241

  • SHA1

    73a1ce2dccca41b94daf98caff5339f0675173f2

  • SHA256

    077717dc9d12286e19d82e8e5513b601b880206e1c2914fd900f12c1c9beeab9

  • SHA512

    1c6f2ce8cf021d62d5844fc932649758fc12f42817060df2ecb317aea8aa6a57364a15216cd981d6ec1edbb1a5574988c76fc5a3d1b44495876918c0a59447fb

  • SSDEEP

    3072:buXdhfxcNVNTv5fpWrgmatNLy7XrT2BrJCAg0FujaOhy+D:StwpxpOgTtIpAO1c+D

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3DSmdBinExport.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5064
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3DSmdBinExport.dll,#1
      2⤵
        PID:5092
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 5092 -s 620
          3⤵
          • Program crash
          PID:4300

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads