Overview

overview

5

Static

static

3

DLLLoad.exe

windows7-x64

5

DLLLoad.exe

windows10-2004-x64

5

Hamachi France.url

windows7-x64

1

Hamachi France.url

windows10-2004-x64

1

TeknoGods.dll

windows7-x64

5

TeknoGods.dll

windows10-2004-x64

5

teknohelper.exe

windows7-x64

5

teknohelper.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    164s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/12/2023, 20:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DLLLoad.exe

  • Size

    239KB

  • MD5

    4e9a4c28fdd0e60042779117a955a074

  • SHA1

    ec487996c03cd1c3bf3dc56b07bf31196e0cb6ed

  • SHA256

    12f991863c77a5ef017a0b3be8146de65952b736dd2cd28708ec51b1d934aa36

  • SHA512

    992c437259485f6c34d311b5715eb21063763ef8181568508f1041b1055b8a7eb8af5206fdf35c1aa40749126c45d68c0ca060c52aab17e57e13375194cb1b15

  • SSDEEP

    6144:Aujzmdywb9qES9cXP755n9aCiSaX9zeTxEKjMl:hjpyqEcO5h9aCiSatzeVEN

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 28 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DLLLoad.exe
    "C:\Users\Admin\AppData\Local\Temp\DLLLoad.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:3752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3752-0-0x0000000000F30000-0x0000000000FB5000-memory.dmp

    Filesize

    532KB

    Download

  • memory/3752-1-0x0000000000F30000-0x0000000000FB5000-memory.dmp

    Filesize

    532KB

    Download

  • memory/3752-3-0x0000000000F30000-0x0000000000FB5000-memory.dmp

    Filesize

    532KB

    Download