Overview

overview

6

Static

static

3

828 Setting File.zip

windows11-21h2-x64

1

Setting Fi...ry.dll

windows11-21h2-x64

1

Setting Fi...ry.pdb

windows11-21h2-x64

3

Setting Fi...cation

windows11-21h2-x64

1

Setting Fi...rd.exe

windows11-21h2-x64

1

Setting Fi...xe.xml

windows11-21h2-x64

1

Setting Fi...nifest

windows11-21h2-x64

3

Setting Fi...rd.pdb

windows11-21h2-x64

3

Setting Fi...re.dll

windows11-21h2-x64

1

Setting Fi...��.exe

windows11-21h2-x64

1

Setting Fi...��.dll

windows11-21h2-x64

1

Setting Fi...og.txt

windows11-21h2-x64

3

Setting Fi...��.dll

windows11-21h2-x64

1

Setting Fi...��.dll

windows11-21h2-x64

1

Setting Fi...er.mp4

windows11-21h2-x64

6

Setting Fi...ng.mp4

windows11-21h2-x64

6

Setting Fi...+D.mp4

windows11-21h2-x64

6

Setting Fi...up.mp4

windows11-21h2-x64

6

Setting Fi...ng.mp4

windows11-21h2-x64

6

Setting Fi...ng.mp4

windows11-21h2-x64

6

Setting Fi...ng.mp4

windows11-21h2-x64

6

Setting Fi...eo.mp4

windows11-21h2-x64

6

Setting Fi...d.docx

windows11-21h2-x64

1

Setting Fi...l.docx

windows11-21h2-x64

Analysis

  • max time kernel
    201s
  • max time network
    308s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    12/01/2024, 15:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setting File/Setting File/Ordinary model-mini keyboard English setting software(Compatible with all�.dll

  • Size

    4KB

  • MD5

    123e003dbe63c7539e16186aca17e083

  • SHA1

    bfa6b956d1e7ae2ce1535f4e683f285259a30c46

  • SHA256

    5cd036a543fa6537d770857aecbca08bc24aa2ec1d4f22e0bd8c22d856b3be9a

  • SHA512

    f3fc043a53ccdedda94588598d1830fca1d4ec1e69999b263d4a030fbc34fdccc7cd3f1f1b980c25fe3b6492b2483f45ebb3bd53f99e10518856fcb448a8304c

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Setting File\Setting File\Ordinary model-mini keyboard English setting software(Compatible with all�.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5004
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Setting File\Setting File\Ordinary model-mini keyboard English setting software(Compatible with all�.dll",#1
      2⤵
        PID:2928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads