Overview

overview

3

Static

static

3

Git.chm

windows7-x64

1

Git.chm

windows10-2004-x64

1

Git.exe

windows7-x64

3

Git.exe

windows10-2004-x64

3

Glk.dll

windows7-x64

1

Glk.dll

windows10-2004-x64

1

GlkEspaol.dll

windows7-x64

1

GlkEspaol.dll

windows10-2004-x64

1

GlkItaliano.dll

windows7-x64

1

GlkItaliano.dll

windows10-2004-x64

1

ScaleGfx.dll

windows7-x64

1

ScaleGfx.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-11-2023 02:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GlkEspaol.dll

  • Size

    94KB

  • MD5

    b3a2743ee067ed8c17aa8c831a350687

  • SHA1

    ff9c5496b51cad90436a13827e1ead6ef228d4be

  • SHA256

    6cd5326a1e022c84c51fe402012e8a8f658e6fefc6cafb9ab4a6ed33dd514597

  • SHA512

    0167e5b67749ad29e76b8b554b01b2376314e6ff9a4056e568f60f145748c77711b0b3255bd23a9dbb6e5235bd2323169d65f1d0c6949849b0374758b21a2ddb

  • SSDEEP

    1536:ubdzuyfeon+xMR8pTy9cIZENsWMcdb8H+gRP+MVjX:ubwAeonDR8pTsutb8H+gpxjX

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\GlkEspaol.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1316
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\GlkEspaol.dll,#1
      2⤵
        PID:3880

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads