Overview

overview

10

Static

static

10

fe290135a9...28.dll

windows7-x64

1

fe290135a9...28.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/10/2023, 13:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fe290135a95600c430249077ad21e695ef4f57ace3e4a226c52aef905cb81d28.dll

  • Size

    51KB

  • MD5

    8f0c26d816d4439781c5a90365700089

  • SHA1

    ab086c82260ca13016299b4b4969ef0709a59c57

  • SHA256

    fe290135a95600c430249077ad21e695ef4f57ace3e4a226c52aef905cb81d28

  • SHA512

    5addcb7b75949515f4351df424ded07d84c0c17e40267b4e885054e09291cdea079935da770cede69a936cee031522461185a6886652faabeb4d870a2698038c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL2JYH5:1dWubF3n9S91BF3fbo6JYH5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fe290135a95600c430249077ad21e695ef4f57ace3e4a226c52aef905cb81d28.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4852
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fe290135a95600c430249077ad21e695ef4f57ace3e4a226c52aef905cb81d28.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:5040
  • C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
    1⤵
      PID:1548
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k UnistackSvcGroup
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1852

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1852-0-0x000001DBACB40000-0x000001DBACB50000-memory.dmp

            Filesize

            64KB

            Download

          • memory/1852-16-0x000001DBACC40000-0x000001DBACC50000-memory.dmp

            Filesize

            64KB

            Download

          • memory/1852-32-0x000001DBB4F50000-0x000001DBB4F51000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1852-34-0x000001DBB4F60000-0x000001DBB4F61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1852-35-0x000001DBB4F60000-0x000001DBB4F61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1852-36-0x000001DBB4F70000-0x000001DBB4F71000-memory.dmp

            Filesize

            4KB

            Download