Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    23-09-2023 11:05

General

  • Target

    misc/libaddonsvorepository_plugin.dll

  • Size

    89KB

  • MD5

    7133a98142373324b33f2805de730d77

  • SHA1

    da61c3e5f0ec8b74671e2c1d3e6691e8796edd45

  • SHA256

    d0f3b548ed9bb6c8278bb3df3324e4a53c9b7f4c5bf4a086273e22d350ce9be1

  • SHA512

    6e2abc3c05e1494fe91e79b6bbbc8fe509d2329d3ecb496e528443d9b174ab0dbf537350a363eed74f8300ef683b340cc129c6fdd61459412a4a1a75ba9e96dc

  • SSDEEP

    1536:6USDPf7K5CPEyHbMT/19NLIxyjxvD6sNOgpqsk67mtB0mRU:HsPDKQrbML19NLIxsvD6hEQB0AU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\misc\libaddonsvorepository_plugin.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\misc\libaddonsvorepository_plugin.dll,#1
      2⤵
        PID:2236

    Network

    MITRE ATT&CK Matrix
