3bb135949a8fd9d074d8e503909f7dfd5295f96aa6f7145a3c3aa02b15000249 | Triage

Submit
Reports

Overview

overview

Static

static

1

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

data/cokl.dll

windows7-x64

1

data/cokl.dll

windows10-2004-x64

1

data/jre.dll

windows7-x64

1

data/jre.dll

windows10-2004-x64

1

data/wers.dll

windows7-x64

1

data/wers.dll

windows10-2004-x64

1

dxsupport_...ic.dll

windows7-x64

1

dxsupport_...ic.dll

windows10-2004-x64

1

inform.dll

windows7-x64

1

inform.dll

windows10-2004-x64

1

wers.dll

windows7-x64

1

wers.dll

windows10-2004-x64

1

Analysis

max time kernel
138s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
19-11-2023 02:56

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20231023-en

redline @svberves4 discovery infostealer spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20231023-en

redline @svberves4 discovery infostealer spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral3

Sample

data/cokl.dll

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

data/cokl.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

data/jre.dll

Resource

win7-20231025-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

data/jre.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

data/wers.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

data/wers.dll

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

dxsupport_episodic.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

dxsupport_episodic.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

inform.dll

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

inform.dll

Resource

win10v2004-20231025-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

wers.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

wers.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

data/wers.dll
Size

123.9MB
MD5

9b2e2a36fe94f9b33c1e787b949ec402
SHA1

1acbc06ed85a340ccaf91520f378d652ff4e5796
SHA256

98d04d874c35b6ec8c6df774ec1d672b3b5e29fc264f42abbb1cb47a1143cab3
SHA512

6555f9b256c9393b9fdd9fb99cfcbbcb057404d1f754f93bc2de236f3277fea9253b526ad8e97047738776df6a255dda8071206bf811986bda0648ba35b696bb
SSDEEP

12:cRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRW:X

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\data\wers.dll,#1
1⤵
PID:2212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy