Overview

overview

10

Static

static

10

DCRat.exe

windows10-1703-x64

7

data/7zxa.dll

windows10-1703-x64

3

data/DCRAC.exe

windows10-1703-x64

1

data/DCRCC.exe

windows10-1703-x64

3

data/Default.exe

windows10-1703-x64

1

data/NCC2.dll

windows10-1703-x64

1

data/NCC3.dll

windows10-1703-x64

3

data/NCCheck.dll

windows10-1703-x64

1

data/Rar.exe

windows10-1703-x64

3

data/RarExt.dll

windows10-1703-x64

3

data/RarExt64.dll

windows10-1703-x64

3

data/WinCon.exe

windows10-1703-x64

1

data/Zip.exe

windows10-1703-x64

1

data/dnlib.dll

windows10-1703-x64

1

data/dotNE...le.exe

windows10-1703-x64

10

data/dotNE...or.exe

windows10-1703-x64

10

data/enc.vbe

windows10-1703-x64

1

data/upx.exe

windows10-1703-x64

7

data/wRar.exe

windows10-1703-x64

4

lib/L1nc0In 1.jar

windows10-1703-x64

7

lib/L1nc0In 10.jar

windows10-1703-x64

7

lib/L1nc0In 11.jar

windows10-1703-x64

7

lib/L1nc0In 12.jar

windows10-1703-x64

7

lib/L1nc0In 13.jar

windows10-1703-x64

7

lib/L1nc0In 14.jar

windows10-1703-x64

7

lib/L1nc0In 2.jar

windows10-1703-x64

7

lib/L1nc0In 3.jar

windows10-1703-x64

7

lib/L1nc0In 4.jar

windows10-1703-x64

7

lib/L1nc0In 5.jar

windows10-1703-x64

7

lib/L1nc0In 6.jar

windows10-1703-x64

7

lib/L1nc0In 7.jar

windows10-1703-x64

7

plugins/Te...le.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    62s
  • max time network
    72s
  • platform
    windows10-1703_x64
  • resource
    win10-20231020-en
  • resource tags

    arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
  • submitted
    15/11/2023, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    data/NCC2.dll

  • Size

    13KB

  • MD5

    12e7983a050a5f7f7b501d3cda914248

  • SHA1

    6ce5d9b763fc05dcdfcaea79a62a8352371d749c

  • SHA256

    a0b6bb521e52a99abf5ac1017302da014d37296619078d42d9edf5d86d137f63

  • SHA512

    0b8788c858c35e0f8f56d552518adb71c847240f6d7c199243e046c4c2e2ae32cb035a0bc5098631656c5d7d772be4fdfdc6a4e19e00092fb3eb09044998be97

  • SSDEEP

    192:jKsAWXvf+AxcTC6xFrnT5xoqMSqzqqJocD/HCtVWAc3XTEqx2CvAPhz:9Z/f+XT/xBwqMSqeqqcmUDhKhz

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\data\NCC2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4940
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\data\NCC2.dll,#1
      2⤵
        PID:4368

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads