Overview

overview

10

Static

static

3

#6 NOTIFIC...L..exe

windows10-2004-x64

10

Microsoft....nifest

windows10-2004-x64

3

Microsoft....nifest

windows10-2004-x64

3

Microsoft....OC.xml

windows10-2004-x64

1

http_dll.dll

windows10-2004-x64

1

mfc80u.dll

windows10-2004-x64

1

monokini.iso

windows10-2004-x64

3

msvcr80.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    37s
  • max time network
    47s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    06-12-2023 23:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http_dll.dll

  • Size

    883KB

  • MD5

    deac278cd34bcf4ac1596ed27a7400b5

  • SHA1

    a19cc9b06bb61efb143a6f8dd0761e0a41c36394

  • SHA256

    7eb439f5da221a3f4978131b2acfe1ac80708654e693874e0b81ccf25600e7f3

  • SHA512

    0245bf0c694f64726d72354af47b9ea3e2edec45c69705d620e526aa44eb373aff33b23803b0b1eec1b85e3de267551dcf76e5ce7514d1e9430fffd9e1b3006a

  • SSDEEP

    24576:Wzq6uStsPOf+2nVWeqnm5dVjPiV95Myq15:Oq/GbVWCP9yq15

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\http_dll.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4112
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\http_dll.dll,#1
      2⤵
        PID:4172

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads