Overview

overview

3

Static

static

3

r128gain-0...54.dll

windows7-x64

3

r128gain-0...54.dll

windows10-2004-x64

3

r128gain-0...53.dll

windows7-x64

1

r128gain-0...53.dll

windows10-2004-x64

1

r128gain-0...-2.dll

windows7-x64

1

r128gain-0...-2.dll

windows10-2004-x64

1

r128gain-0...54.dll

windows7-x64

3

r128gain-0...54.dll

windows10-2004-x64

3

r128gain-0...51.dll

windows7-x64

1

r128gain-0...51.dll

windows10-2004-x64

1

r128gain-0...x.html

windows7-x64

1

r128gain-0...x.html

windows10-2004-x64

1

r128gain-0...eg.exe

windows7-x64

1

r128gain-0...eg.exe

windows10-2004-x64

1

r128gain-0...in.dll

windows7-x64

1

r128gain-0...in.dll

windows10-2004-x64

1

r128gain-0...rl.dll

windows7-x64

1

r128gain-0...rl.dll

windows10-2004-x64

1

r128gain-0...ox.dll

windows7-x64

1

r128gain-0...ox.dll

windows10-2004-x64

1

r128gain-0...52.dll

windows7-x64

1

r128gain-0...52.dll

windows10-2004-x64

1

r128gain-0...ox.exe

windows7-x64

1

r128gain-0...ox.exe

windows10-2004-x64

1

r128gain-0...-0.dll

windows7-x64

1

r128gain-0...-0.dll

windows10-2004-x64

1

r128gain-0...-2.dll

windows7-x64

3

r128gain-0...-2.dll

windows10-2004-x64

1

r128gain-0...in.exe

windows7-x64

1

r128gain-0...in.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 12:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    r128gain-0.9.7-2/r128gain-tools/avdevice-53.dll

  • Size

    21KB

  • MD5

    0f38aa8dc60b1e9078eb82a9925ec17b

  • SHA1

    7f478dade7aea42e50ca1c8a269dcf2164b2da48

  • SHA256

    2921da8aa9dd25127befb10fc53c0e2cb80fa4c0eefffc5b0c071a007a9061b9

  • SHA512

    423fa7e28d6d881b1054b4b12b5e089987310325bf0f30d074c8c867d842f090bc9391b71011a7e70bc9306e75882b474b7e37d2aa4d70b304414de6e40cca93

  • SSDEEP

    384:2I74N9aTkOMSL/3nxlvctvqH9BJG4QcKeRHiUvHfWZ/u:tOIhdD3nxlvuvc9tQMde1u

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\r128gain-0.9.7-2\r128gain-tools\avdevice-53.dll,#1
    1⤵
      PID:3656
    • C:\Windows\system32\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\r128gain-0.9.7-2\r128gain-tools\avdevice-53.dll,#1
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2212

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3656-3-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-2-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-6-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-8-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-11-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-15-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-13-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-9-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-16-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-17-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-20-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-21-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-22-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-24-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-27-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-25-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-28-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-29-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-31-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-32-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-35-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-37-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-40-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-41-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-43-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-46-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-48-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-45-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-49-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-39-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-54-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-56-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-59-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-58-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-62-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-66-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-70-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-73-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-74-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-75-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-77-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-78-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-80-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-83-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-85-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-90-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-92-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-88-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-96-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-98-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-100-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-103-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-107-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-111-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-114-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-109-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-123-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-126-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-129-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-121-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-119-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-138-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-142-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-149-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-147-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-151-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-155-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-157-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-161-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-163-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-170-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-172-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-176-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-174-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-179-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-184-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-168-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-166-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-159-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-153-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-145-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-140-0x000000006AB00000-0x000000006AB52000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3656-105-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-94-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-87-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-81-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-76-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-72-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-68-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-67-0x0000000069900000-0x0000000069962000-memory.dmp

      Filesize

      392KB

      Download

    • memory/3656-64-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-65-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-61-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-52-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-51-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-38-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-36-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-34-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-30-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-19-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-5-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download

    • memory/3656-0-0x000000006A0C0000-0x000000006A569000-memory.dmp

      Filesize

      4.7MB

      Download