Overview

overview

10

Static

static

3

dd6d5b77ea...70.dll

windows7-x64

10

dd6d5b77ea...70.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    0s
  • max time network
    1s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-12-2023 15:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dd6d5b77ea31de026c8bfb867f14ed70.dll

  • Size

    38KB

  • MD5

    dd6d5b77ea31de026c8bfb867f14ed70

  • SHA1

    7865af12c34f87e095ff70812eb753cf3f944449

  • SHA256

    553e833cf333ad707a9aa18e01f6d9d4fca8935b92f15c5ddfee379eabcb9efa

  • SHA512

    45f361bd370f83d07de54f21ea1beacca8fe98e12a1051f37dc8e690481675d838620d3a2cca107007981b30795afe2240de0ffff58dc3265d8e259c0fe6b220

  • SSDEEP

    768:tpB71V2b/CK1xbFHq4VPQz+oNOOs792CZ9xJS/DR1snrFqJknw/Agw:B1S/CMbFrVPQCoDC2CbxO91qrFqSnw4g

Score
10/10
magniberransomware

Malware Config

Signatures

  • Detect magniber ransomware 1 IoCs
  • Magniber Ransomware

    Ransomware family widely seen in Asia being distributed by the Magnitude exploit kit.

    ransomwaremagniber
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dd6d5b77ea31de026c8bfb867f14ed70.dll,#1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2828-7-0x000001AF5D6D0000-0x000001AF5D6D5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/3420-0-0x000001A8225E0000-0x000001A822B6B000-memory.dmp

    Filesize

    5.5MB

    Download

  • memory/3420-2-0x000001A8224F0000-0x000001A8224F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3420-9-0x000001A822580000-0x000001A822581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3420-11-0x000001A822590000-0x000001A822591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3420-12-0x000001A8225A0000-0x000001A8225A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3420-14-0x000001A8225B0000-0x000001A8225B1000-memory.dmp

    Filesize

    4KB

    Download