Task | Platform | Score
overview | | 10
static | | 10
up.zip | windows7-x64 | 1
up.zip | windows10-2004-x64 | 1
Cloakedbgf...so.iso | windows7-x64 | 3
Cloakedbgf...so.iso | windows10-2004-x64 | 3
Information.lnk | windows7-x64 | 3
Information.lnk | windows10-2004-x64 | 6
_ | windows7-x64 | 1
_ | windows10-2004-x64 | 1
agenda.exe | windows7-x64 | 1
agenda.exe | windows10-2004-x64 | 6
vcruntime140.dll | windows7-x64 | 1
vcruntime140.dll | windows10-2004-x64 | 8
vctool140.dll | windows7-x64 | 1
vctool140.dll | windows10-2004-x64 | 8
Guloaderbg...so.iso | windows7-x64 | 3
Guloaderbg...so.iso | windows10-2004-x64 | 3
Iisbgfhaci...ll.dll | windows7-x64 | 3
Iisbgfhaci...ll.dll | windows10-2004-x64 | 3
Iranbggaia...xe.exe | windows7-x64 | 7
Iranbggaia...xe.exe | windows10-2004-x64 | 7
Knotweedbg...ll.dll | windows7-x64 | 1
Knotweedbg...ll.dll | windows10-2004-x64 | 1
Magicratbg...xe.exe | windows7-x64 | 10
Magicratbg...xe.exe | windows10-2004-x64 | 10
Newcoppers...xe.exe | windows7-x64 | 4
Newcoppers...xe.exe | windows10-2004-x64 | 4
Newlogfors...xe.exe | windows7-x64 | 4
Newlogfors...xe.exe | windows10-2004-x64 | 4
Purecrypte...xe.dll | windows7-x64 | 1
Purecrypte...xe.dll | windows10-2004-x64 | 1
Purecrypte...xe.dll | windows7-x64 | 1
Purecrypte...xe.dll | windows10-2004-x64 | 1

Analysis
max time kernel: 118s
max time network: 122s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
submitted: 01-08-2023 19:38

Behavioral task | Sample | Resource
behavioral1 | up.zip | win7-20230712-en
behavioral2 | up.zip | win10v2004-20230703-en
behavioral3 | Cloakedbgfjfjjaea5_browsingIso.iso | win7-20230712-en
behavioral4 | Cloakedbgfjfjjaea5_browsingIso.iso | win10v2004-20230703-en
behavioral5 | Information.lnk | win7-20230712-en
behavioral6 | Information.lnk | win10v2004-20230703-en
behavioral7 | _ | win7-20230712-en
behavioral8 | _ | win10v2004-20230703-en
behavioral9 | agenda.exe | win7-20230712-en
behavioral10 | agenda.exe | win10v2004-20230703-en
behavioral11 | vcruntime140.dll | win7-20230712-en
behavioral12 | vcruntime140.dll | win10v2004-20230703-en
behavioral13 | vctool140.dll | win7-20230712-en
behavioral14 | vctool140.dll | win10v2004-20230703-en
behavioral15 | Guloaderbgghjjdjcc1_browsingIso.iso | win7-20230712-en
behavioral16 | Guloaderbgghjjdjcc1_browsingIso.iso | win10v2004-20230703-en
behavioral17 | Iisbgfhaciadc2_browsingDll.dll | win7-20230712-en
behavioral18 | Iisbgfhaciadc2_browsingDll.dll | win10v2004-20230703-en
behavioral19 | Iranbggaiajfbi13_browsingExe.exe | win7-20230712-en
behavioral20 | Iranbggaiajfbi13_browsingExe.exe | win10v2004-20230703-en
behavioral21 | Knotweedbgfjcfhafh13_browsingDll.dll | win7-20230712-en
behavioral22 | Knotweedbgfjcfhafh13_browsingDll.dll | win10v2004-20230703-en
behavioral23 | Magicratbggdhgejff1_browsingExe.exe | win7-20230712-en
behavioral24 | Magicratbggdhgejff1_browsingExe.exe | win10v2004-20230703-en
behavioral25 | Newcopperstealer10_browsingExe.exe | win7-20230712-en
behavioral26 | Newcopperstealer10_browsingExe.exe | win10v2004-20230703-en
behavioral27 | Newlogforshell18_browsingExe.exe | win7-20230712-en
behavioral28 | Newlogforshell18_browsingExe.exe | win10v2004-20230703-en
behavioral29 | Purecrypter12_browsingExe.dll | win7-20230712-en
behavioral30 | Purecrypter12_browsingExe.dll | win10v2004-20230703-en
behavioral31 | Purecrypter16_browsingExe.dll | win7-20230712-en
behavioral32 | Purecrypter16_browsingExe.dll | win10v2004-20230703-en

General
Target: Iisbgfhaciadc2_browsingDll.dll
Size: 163KB
MD5: 84b20e95d52f38bb4f6c998719660c35
SHA1: 9af6dde77c274af5384dfea76a414bc60a99c878
SHA256: 2a0b83c316219ed8c7ce1d14edf09794fa76a71cb04348d2a332991f3fceab2b
SHA512: 56922ecf1cee78c8ec76bad9c5d6aec5c56bed9cfc025d66f1db5541023a962c9784b9708e82c5cb84ed828f053e15186fd7e0483666eaee111c4cbdcac81ea0
SSDEEP: 3072:1LHuUlJiR+2h8DdMhUlHKoaQZTaw59X1mVXYYiNRoac:1LHuUiR+2hB+lqeR5BFRoa

Malware Config
Signatures

Program crash (1 IoCs)
pid | pid_target | Process | procid_target
3024 | 2792 | WerFault.exe | 10

Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2792 wrote to memory of 3024 | 2792 | rundll32.exe | 28
PID 2792 wrote to memory of 3024 | 2792 | rundll32.exe | 28
PID 2792 wrote to memory of 3024 | 2792 | rundll32.exe | 28