Analysis

  • max time kernel
    143s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/01/2024, 09:55

General

  • Target

    GongShaFuZhu13/【x1】攻沙辅助/plugin/SGUOBROWSER.dll

  • Size

    48KB

  • MD5

    8dc95c9231e8448c34b350486e3e1133

  • SHA1

    c828eaaf32e053bd7f6046b5708c1fe9ebb09e37

  • SHA256

    7170daad1770562192dfc6cce34f09f1804a9c5852ba8a7acb5127d70acd34a9

  • SHA512

    e4bf1925b9bc8cbd2df7dab311041fb831213d12edbad16808923b6bef3ef9ec192fe5313bfa4da3e75b106dbc86657fdf34714fb8e9d5ad4b88b1dcf5a94e46

  • SSDEEP

    768:0G6I2742gM31Q0v+BDnHOjsIKeKsjnoyp7P:D644lmDHODhKIno07

Score
1/10

Malware Config

Signatures

  • Modifies registry class (11 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\GongShaFuZhu13\【x1】攻沙辅助\plugin\SGUOBROWSER.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1836
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\GongShaFuZhu13\【x1】攻沙辅助\plugin\SGUOBROWSER.dll
      2⤵
      • Modifies registry class
      PID:4252

Network
