Overview

overview

7

Static

static

7

[NoMenu] S...0t.dll

windows7-x64

3

[NoMenu] S...0t.dll

windows10-2004-x64

3

[NoMenu] S...0t.exe

windows7-x64

1

[NoMenu] S...0t.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 00:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    [NoMenu] SiroSix's Dinar Bot V1.9/Din4r B0t.dll

  • Size

    11KB

  • MD5

    0eed2e2b5f0a10769f2d959a1582ce21

  • SHA1

    dc7b29b1a0253da5bb7279f1afc5fa9a36bba0e1

  • SHA256

    3ac82204052af8e16604e12af62e26c095c730f2ee7bfb465846f4abfbbfd526

  • SHA512

    e8a8356e600e702b6d283b67fd68cf9a0a96a618feb55b21dbf798ecf6d4fc8fd6f170ade47ead786a614f91e26e93e184979cb29629d3edb5090eca9a699c1f

  • SSDEEP

    192:7r8Rtt3DqNpzWnWz//Q/RwW4NGnAx7wCMrpY7Y8LqPZo5LdCfffnMO3E:7rE9qNQnIKqWKGnAx7r6+Y9PffPz

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\[NoMenu] SiroSix's Dinar Bot V1.9\Din4r B0t.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\[NoMenu] SiroSix's Dinar Bot V1.9\Din4r B0t.dll",#1
      2⤵
        PID:2392
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2392 -s 320
          3⤵
          • Program crash
          PID:2700

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2392-0-0x0000000074800000-0x0000000074809000-memory.dmp

            Filesize

            36KB

            Download

          • memory/2392-1-0x00000000747F0000-0x00000000747F9000-memory.dmp

            Filesize

            36KB

            Download

          • memory/2392-2-0x00000000747E0000-0x00000000747E9000-memory.dmp

            Filesize

            36KB

            Download

          • memory/2392-3-0x0000000074800000-0x0000000074809000-memory.dmp

            Filesize

            36KB

            Download