Overview

overview

10

Static

static

3

Language/WinRar.exe

windows7-x64

1

Language/WinRar.exe

windows10-2004-x64

1

Photoshop-...ck.exe

windows7-x64

10

Photoshop-...ck.exe

windows10-2004-x64

1

opengl32.dll

windows7-x64

1

opengl32.dll

windows10-2004-x64

1

vcruntime140.dll

windows7-x64

1

vcruntime140.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    62s
  • max time network
    84s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2023 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    opengl32.dll

  • Size

    36.0MB

  • MD5

    ca1aaaccc6f19ccd74a48eea51c03338

  • SHA1

    c0ca48ab85406b6a98761a212c3e5fde92ada7ec

  • SHA256

    d109ab0e8f7aa6f00992368b72c9a8aa0cf6d1b1563c3ab1caedbdba9c4476ba

  • SHA512

    8bf7382fdc59649a1b44107d4289a8ea898f19c2addb3d5fc87a1c60baa667abac359d084829b552b391456613a0e3273a64d3d2464d780cc1d7d6ef5c204a31

  • SSDEEP

    393216:LoT0RoCZueyqN9LB2xmcR+hcoPwdyzjpECaT0UMPbGLsXT4El/uRKgI9v/2OlJ/I:84vb0GmnI9NX0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\opengl32.dll,#1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3920
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 3920 -s 56
      2⤵
        PID:3936
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4084 --field-trial-handle=1300,i,11863090858071501683,1776977532629093433,131072 /prefetch:8
      1⤵
        PID:3964
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --mojo-platform-channel-handle=1600 --field-trial-handle=1300,i,11863090858071501683,1776977532629093433,131072 /prefetch:1
        1⤵
          PID:4068
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1056 --field-trial-handle=1300,i,11863090858071501683,1776977532629093433,131072 /prefetch:8
          1⤵
            PID:1916

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads