Overview

overview

3

Static

static

3

XTV9_Trial...al.exe

windows7-x64

3

XTV9_Trial...al.exe

windows10-2004-x64

3

XTV9_Trial...er.dll

windows7-x64

1

XTV9_Trial...er.dll

windows10-2004-x64

3

XTV9_Trial...32.dll

windows7-x64

1

XTV9_Trial...32.dll

windows10-2004-x64

1

XTV9_Trial...32.dll

windows7-x64

1

XTV9_Trial...32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XTV9_Trial/libeay32.dll

  • Size

    1.0MB

  • MD5

    0cb3ae2a9c9830a4167123ff76e32ea9

  • SHA1

    6270368312f74a360f31478a0bb123ba6ce972a4

  • SHA256

    4e4f0aa8ac639ee7d2f770a7662fd5e83dfb4ee327ce6d2a5cf02cb4fe9880ad

  • SHA512

    111d3698fce4954915ee51d33996e7eeec260dab65c0a5f3bff2f7bb6421285138fe9d32fd9c9e6337abbcfd59835e7d20eb2a2f6a142b87352fc9c05ce9bff5

  • SSDEEP

    12288:5jCXP9DT4YHUr656NqKgHSrkj6I9UBPg+8KhYTKGpeRr/IpSLUb2ZqAwj:5jCXFf4IX56JRIQI+5hmp0bjUb2Z9wj

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\XTV9_Trial\libeay32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\XTV9_Trial\libeay32.dll,#1
      2⤵
        PID:2696

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads