Analysis

  • max time kernel
    432s
  • max time network
    1593s
  • platform
    windows10-1703_x64
  • resource
    win10-20231025-en
  • resource tags

    arch:x64arch:x86image:win10-20231025-enlocale:en-usos:windows10-1703-x64system
  • submitted
    04-11-2023 19:20

General

  • Target

    Rise/natives/OpenAL32.dll

  • Size

    381KB

  • MD5

    9e02334f9bba622885eadb059f0633b3

  • SHA1

    ede381bf55e7d0cd3a7e058237bbc66a8ff63837

  • SHA256

    baf27fc91dc852d78889e052cfc9ed2b6fc0927258bb507a895c6fcd50f10fef

  • SHA512

    066eaaee241976d99e3f11de415976fb0e47e97035d4d7a7c121c33882190f3546637650f841a2858ac1734655f4994dc2cb8c5bdda5828557485fc20a779def

  • SSDEEP

    6144:qB0wNMEdGJE5cN8PLJ8I1kabGLPwrWr+JervPI6YXaZ8AO8+H1MOi7BU:qBDL+af1kabGL/r+JwvPjKaZ8NMO

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Rise\natives\OpenAL32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5000
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Rise\natives\OpenAL32.dll,#1
      2⤵
        PID:68

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads