Overview

overview

7

Static

static

7

MiniUpdate...ck.dll

windows7-x64

1

MiniUpdate...ck.dll

windows10-2004-x64

3

MiniUpdate/Camera.dll

windows7-x64

7

MiniUpdate/Camera.dll

windows10-2004-x64

7

MiniUpdate...ow.ps1

windows7-x64

1

MiniUpdate...ow.ps1

windows10-2004-x64

1

MiniUpdate...er.exe

windows7-x64

1

MiniUpdate...er.exe

windows10-2004-x64

1

MiniUpdate...nt.dll

windows7-x64

1

MiniUpdate...nt.dll

windows10-2004-x64

3

MiniUpdate...fy.dll

windows7-x64

1

MiniUpdate...fy.dll

windows10-2004-x64

1

MiniUpdate/Main.exe

windows7-x64

1

MiniUpdate/Main.exe

windows10-2004-x64

1

MiniUpdate...se.dll

windows7-x64

1

MiniUpdate...se.dll

windows10-2004-x64

1

MiniUpdate...pd.exe

windows7-x64

1

MiniUpdate...pd.exe

windows10-2004-x64

1

MiniUpdate/Xor.dll

windows7-x64

1

MiniUpdate/Xor.dll

windows10-2004-x64

1

MiniUpdate...ga.dll

windows7-x64

1

MiniUpdate...ga.dll

windows10-2004-x64

1

MiniUpdate...00.dll

windows7-x64

3

MiniUpdate...00.dll

windows10-2004-x64

3

MiniUpdate...00.dll

windows7-x64

3

MiniUpdate...00.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    274s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2023 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MiniUpdate/Camera.dll

  • Size

    32KB

  • MD5

    42465f843505d364268c1912ef3aff70

  • SHA1

    502c7112e412a340985a4a32d6765eb2aff861aa

  • SHA256

    784a2d152d2e4ca266e2574cad0c6186fe7c081e803dd168dbb4ce5124a9a3ee

  • SHA512

    628308eaaa0742ece67aa4ea89a77917b9f73788052ae667854a3c107432c685aafc647d7d3aed85c839cb3bae4fb9cf9e7be4226b21c394806733786f5170c3

  • SSDEEP

    768:Z2BtA54Ju7A8+3NIMGylJkdSWX1ziLFagcrwVo:EBu5CuEhZGylJEXpiLFaXwVo

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MiniUpdate\Camera.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3916
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MiniUpdate\Camera.dll,#1
      2⤵
        PID:5100
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 5100 -s 552
          3⤵
          • Program crash
          PID:448
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 5100 -s 828
          3⤵
          • Program crash
          PID:464
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 5100 -ip 5100
      1⤵
        PID:1576
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 5100 -ip 5100
        1⤵
          PID:1232

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/5100-0-0x00000000750B0000-0x00000000750C7000-memory.dmp

          Filesize

          92KB

          Download