Overview

overview

10

Static

static

10

IDA/loader...ad.dll

windows7-x64

1

IDA/loader...ad.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

IDA/loaders/geos.dll

windows7-x64

1

IDA/loaders/geos.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

IDA/loaders/hex.dll

windows7-x64

1

IDA/loaders/hex.dll

windows10-2004-x64

1

IDA/loaders/hex64.dll

windows7-x64

1

IDA/loaders/hex64.dll

windows10-2004-x64

1

IDA/loaders/hpsom.dll

windows7-x64

1

IDA/loaders/hpsom.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

IDA/loader...mf.dll

windows7-x64

1

IDA/loader...mf.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

IDA/loader...dr.dll

windows7-x64

1

IDA/loader...dr.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

IDA/loaders/lx.dll

windows7-x64

1

IDA/loaders/lx.dll

windows10-2004-x64

1

IDA/loaders/lx64.dll

windows7-x64

1

IDA/loaders/lx64.dll

windows10-2004-x64

1

IDA/loaders/macho.dll

windows7-x64

1

IDA/loaders/macho.dll

windows10-2004-x64

1

IDA/loader...64.dll

windows7-x64

1

IDA/loader...64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    125s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    16-12-2023 15:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IDA/loaders/expload64.dll

  • Size

    15KB

  • MD5

    756290d579b0b1dc14a6e874b4084600

  • SHA1

    c3f929d6102e36320f79fed975e5f5fcd23e1716

  • SHA256

    6795dc648370e1daa311642c9ea3ceb3e84f805f1f1b5893a507a4272ccf1fb8

  • SHA512

    069026de3484f0053d67a757c005da600871b3910c8e97482a537e67e4a0bd3d318a4bc381e2ce761a483b830d4f1f2fc828f32ef62919497996425e96ebba43

  • SSDEEP

    384:f12cP4Va+uEFLR4ivGXblszHLX7vaHV0:fMi4Va6b9OlsnX7t

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\IDA\loaders\expload64.dll,#1
    1⤵
      PID:2492
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\UseReset.mov"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:324

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/324-12-0x000000013FC90000-0x000000013FD88000-memory.dmp

      Filesize

      992KB

      Download

    • memory/324-13-0x000007FEFA6A0000-0x000007FEFA6D4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/324-14-0x000007FEF6030000-0x000007FEF62E4000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/324-15-0x000007FEF48A0000-0x000007FEF594B000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/324-16-0x000007FEF3F30000-0x000007FEF4042000-memory.dmp

      Filesize

      1.1MB

      Download