Overview

overview

6

Static

static

3

Slurp 15.0....3.dll

windows7-x64

1

Slurp 15.0....3.dll

windows10-2004-x64

1

Slurp 15.0...ox.dll

windows7-x64

1

Slurp 15.0...ox.dll

windows10-2004-x64

1

Slurp 15.0....0.dll

windows7-x64

1

Slurp 15.0....0.dll

windows10-2004-x64

1

Slurp 15.0...on.dll

windows7-x64

1

Slurp 15.0...on.dll

windows10-2004-x64

1

Slurp 15.0...RP.exe

windows7-x64

6

Slurp 15.0...RP.exe

windows10-2004-x64

1

Slurp 15.0...er.exe

windows7-x64

3

Slurp 15.0...er.exe

windows10-2004-x64

3

Slurp 15.0...PI.dll

windows7-x64

1

Slurp 15.0...PI.dll

windows10-2004-x64

1

Slurp 15.0...in.dll

windows7-x64

3

Slurp 15.0...in.dll

windows10-2004-x64

3

Slurp 15.0...cy.bat

windows7-x64

1

Slurp 15.0...cy.bat

windows10-2004-x64

1

Slurp 15.0...er.dll

windows7-x64

1

Slurp 15.0...er.dll

windows10-2004-x64

1

Slurp 15.0...et.dll

windows7-x64

1

Slurp 15.0...et.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-12-2023 04:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Slurp 15.06 AutoUpdater!/rbxfpsunlocker.dll

  • Size

    105KB

  • MD5

    a534c154f95f305a63fb42a323a01301

  • SHA1

    f1108134e119e37b44d2d66efee5d4152fa62803

  • SHA256

    2a1a62fec5fc46870f1a62fda83b5a556f5432be9a6e2c9ddaf0e81c82a0f659

  • SHA512

    c1c5cdb86130bd0de788c240bac498517ad3cda3cf33e723c0dd2f996a7dbfd91332779a11ff3cef36e1714ac06e6ca5553b70dc85c67f44d4d36fe9cbb1e3fd

  • SSDEEP

    1536:ctXhpORw5PyZpPHJq6lj5OSiag+RVctzp+1c2FXgIaslR3sW43cdnM+TRaZa:c9sw5qLpq615OPag+R4zp0avGnM+TRa

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Slurp 15.06 AutoUpdater!\rbxfpsunlocker.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Slurp 15.06 AutoUpdater!\rbxfpsunlocker.dll",#1
      2⤵
        PID:3168

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads