Overview

overview

3

Static

static

3

Password_4...0].rar

windows7-x64

3

Password_4...0].rar

windows10-2004-x64

3

Common Fil...ay.dll

windows7-x64

3

Common Fil...ay.dll

windows10-2004-x64

3

Common Fil...ce.dll

windows7-x64

3

Common Fil...ce.dll

windows10-2004-x64

3

Common Fil...er.dll

windows7-x64

1

Common Fil...er.dll

windows10-2004-x64

1

Common Fil...er.dll

windows7-x64

1

Common Fil...er.dll

windows10-2004-x64

1

Common Fil...il.dll

windows7-x64

1

Common Fil...il.dll

windows10-2004-x64

1

Common Fil...ge.dll

windows7-x64

3

Common Fil...ge.dll

windows10-2004-x64

3

Common Fil...DK.dll

windows7-x64

1

Common Fil...DK.dll

windows10-2004-x64

1

Common Fil...sh.dll

windows7-x64

1

Common Fil...sh.dll

windows10-2004-x64

1

Common Fil...er.dll

windows7-x64

1

Common Fil...er.dll

windows10-2004-x64

1

Common Fil...et.dll

windows7-x64

1

Common Fil...et.dll

windows10-2004-x64

1

Common Fil...ec.dll

windows7-x64

1

Common Fil...ec.dll

windows10-2004-x64

1

Common Fil...on.dll

windows7-x64

3

Common Fil...on.dll

windows10-2004-x64

3

Common Fil...Ex.dll

windows7-x64

3

Common Fil...Ex.dll

windows10-2004-x64

3

Common Fil...ls.dll

windows7-x64

3

Common Fil...ls.dll

windows10-2004-x64

3

Common Fil...up.dll

windows7-x64

3

Common Fil...up.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    438s
  • max time network
    446s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    02/08/2023, 23:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Common Files/Ctrls.dll

  • Size

    668KB

  • MD5

    3c1581dd42e97ef3886b6ae8cb183605

  • SHA1

    664d330db7ed71bbe15027ad4e40063218c8fc74

  • SHA256

    e8f2d779556d959e4a89f072a4d78197cf5d0e20e5cfa3491103ea8814ff7796

  • SHA512

    b05a76eac54e4717dd247c4ba2e4c6e7e0591a025645dcf82dfe11321980dac5f7854b4bbd89ba090230a58857241327f10682a89504d9f405cca2bf95dbd626

  • SSDEEP

    12288:sENUPy7fv0z/ETy7mWRFa6Fbu+YH6H6/RtdrBYn9M0EQqn7F2/bCPH9ZfBL52efh:sRPZ/EUVRFtbu+zqRtdrBYnFdW

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Common Files\Ctrls.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3612
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Common Files\Ctrls.dll",#1
      2⤵
        PID:640
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 640 -s 712
          3⤵
          • Program crash
          PID:4636
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 640 -ip 640
      1⤵
        PID:2156

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/640-133-0x0000000002BA0000-0x0000000002BCC000-memory.dmp

        Filesize

        176KB

        Download

      • memory/640-135-0x0000000001460000-0x0000000001479000-memory.dmp

        Filesize

        100KB

        Download

      • memory/640-136-0x0000000002BE0000-0x0000000002C1E000-memory.dmp

        Filesize

        248KB

        Download

      • memory/640-138-0x0000000002C50000-0x0000000002C5D000-memory.dmp

        Filesize

        52KB

        Download

      • memory/640-139-0x0000000002C60000-0x0000000002C8F000-memory.dmp

        Filesize

        188KB

        Download

      • memory/640-140-0x0000000002CA0000-0x0000000003279000-memory.dmp

        Filesize

        5.8MB

        Download

      • memory/640-143-0x0000000003280000-0x0000000003889000-memory.dmp

        Filesize

        6.0MB

        Download