Overview

overview

10

Static

static

10

IDA Pro 7....28.cfg

windows7-x64

3

IDA Pro 7....28.cfg

windows10-2004-x64

3

IDA Pro 7....da.dll

windows7-x64

1

IDA Pro 7....da.dll

windows10-2004-x64

1

IDA Pro 7....da.exe

windows7-x64

1

IDA Pro 7....da.exe

windows10-2004-x64

1

IDA Pro 7....ida.js

windows7-x64

1

IDA Pro 7....ida.js

windows10-2004-x64

1

IDA Pro 7....db.dll

windows7-x64

1

IDA Pro 7....db.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....er.dll

windows7-x64

1

IDA Pro 7....er.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....er.dll

windows7-x64

1

IDA Pro 7....er.dll

windows10-2004-x64

1

IDA Pro 7....gs.dll

windows7-x64

1

IDA Pro 7....gs.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....le.dll

windows7-x64

1

IDA Pro 7....le.dll

windows10-2004-x64

1

IDA Pro 7....rt.dll

windows7-x64

1

IDA Pro 7....rt.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

IDA Pro 7....ds.dll

windows7-x64

1

IDA Pro 7....ds.dll

windows10-2004-x64

1

IDA Pro 7....64.dll

windows7-x64

1

IDA Pro 7....64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    452s
  • max time network
    468s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 20:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IDA Pro 7.7.220118 (Windows) (x86_x64_ARM64)/plugins/tds.dll

  • Size

    26KB

  • MD5

    b8166c061eb9672908154c37ae4729d8

  • SHA1

    d41dde27b76023d400af0960bd32879aff127112

  • SHA256

    1c5acefbf35ab031864fa1bd333dd2b922f44cdd572c2779170e13da1c665ac0

  • SHA512

    652d0fed9fd0f24b22a08a34896919f6abb1eacf2eea5b52b3e365de1568d9dc6d7ab4cadc18bc3eed6d0a6b706d10a22e6c43f7b455c7b1cd484b7e344184a8

  • SSDEEP

    384:KcfGhJn7gnvumIzM9D5Lfr3ny0c5XQ3c0x59T41eDeyZc2jL4m3FvH/j:FG5gyM55T20c5yc0l41eDeM8I

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\IDA Pro 7.7.220118 (Windows) (x86_x64_ARM64)\plugins\tds.dll",#1
    1⤵
      PID:3792
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2944
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4392

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4392-0-0x000001236B540000-0x000001236B550000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4392-16-0x000001236B640000-0x000001236B650000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4392-32-0x0000012373970000-0x0000012373971000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4392-34-0x00000123739A0000-0x00000123739A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4392-35-0x00000123739A0000-0x00000123739A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4392-36-0x0000012373AB0000-0x0000012373AB1000-memory.dmp

        Filesize

        4KB

        Download