Overview

overview

7

Static

static

7

Tool_1CD_2...CD.exe

windows7-x64

7

Tool_1CD_2...CD.exe

windows10-2004-x64

7

Tool_1CD_2...34.dll

windows7-x64

1

Tool_1CD_2...34.dll

windows10-2004-x64

1

Tool_1CD_2...40.dll

windows7-x64

1

Tool_1CD_2...40.dll

windows10-2004-x64

1

Tool_1CD_2...46.dll

windows7-x64

1

Tool_1CD_2...46.dll

windows10-2004-x64

1

Tool_1CD_2...34.dll

windows7-x64

3

Tool_1CD_2...34.dll

windows10-2004-x64

3

Tool_1CD_2...40.dll

windows7-x64

3

Tool_1CD_2...40.dll

windows10-2004-x64

3

Tool_1CD_2...46.dll

windows7-x64

1

Tool_1CD_2...46.dll

windows10-2004-x64

1

Tool_1CD_2...34.dll

windows7-x64

3

Tool_1CD_2...34.dll

windows10-2004-x64

3

Tool_1CD_2...40.dll

windows7-x64

3

Tool_1CD_2...40.dll

windows10-2004-x64

3

Tool_1CD_2...46.dll

windows7-x64

1

Tool_1CD_2...46.dll

windows10-2004-x64

1

Tool_1CD_2...00.dll

windows7-x64

3

Tool_1CD_2...00.dll

windows10-2004-x64

3

Tool_1CD_2...00.dll

windows7-x64

3

Tool_1CD_2...00.dll

windows10-2004-x64

3

Tool_1CD_2...71.dll

windows7-x64

3

Tool_1CD_2...71.dll

windows10-2004-x64

3

Tool_1CD_2...80.dll

windows7-x64

3

Tool_1CD_2...80.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2023 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tool_1CD_2016v030_edit_mode/icuin46.dll

  • Size

    1.2MB

  • MD5

    2760046a4dd0fc31f770a3a439415ba8

  • SHA1

    e3766a400c246678a04b758f89e73c2cd05ed84d

  • SHA256

    b13f00990955ab856cb5bbe34f2e88784eb21e08e348f366aa4457dbca39794b

  • SHA512

    35525a1336e8f4bf3c4c15087c1b1dce091f1fec2fda35ebf8c259de0cb8db474943ac6403a02892115124f6bb69dea39093f14c16f5c3e9dd1205e7ab0aa2a2

  • SSDEEP

    24576:smdAsFxqBSKsJ5H9xlfOo2cEqz+N0wAmGgUpWj0w:besVznAj0w

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Tool_1CD_2016v030_edit_mode\icuin46.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4644
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Tool_1CD_2016v030_edit_mode\icuin46.dll,#1
      2⤵
        PID:1944

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads