General

  • Target

    update32u.dll.exe

  • Size

    5.9MB

  • Sample

    231014-d2dcssdf7y

  • MD5

    bc1ac26172ffac13a445923dc87eecc9

  • SHA1

    7ea28a389072a362fd59b9fd719b6934cb6fc6a8

  • SHA256

    3d736b2dc9e234fb7b7ce8d74589c8913e886752e2a6d3457a4b0faef19c250b

  • SHA512

    185b82a252475158c85d9312dcaa46ae117f28014534f5359120f2dacbdd0b558c09b99266f8c69e2e006711dab1811fc1f91ec84d60d15693eb63883ac18ca3

  • SSDEEP

    49152:O/hwTvvdeSCk0VGDgNlvuN94+tlE0aH1DgUYztPVTr+EfcdXM35EZfaimTET+az:Aa70VfrMfr8H1DgU+7EVLmTc+az

Score
8/10

Targets

    • Target

      update32u.dll.exe

    Score
    8/10
    • Blocklisted process makes network request

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
