Overview

overview

4

Static

static

3

74825e924d...7b.exe

windows7-x64

1

74825e924d...7b.exe

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Plugins/ge...ys.dll

windows7-x64

1

Plugins/ge...ys.dll

windows10-2004-x64

1

Plugins/ge...ex.dll

windows7-x64

1

Plugins/ge...ex.dll

windows10-2004-x64

3

Plugins/gen_tray.dll

windows7-x64

1

Plugins/gen_tray.dll

windows10-2004-x64

1

Plugins/in_cdda.dll

windows7-x64

3

Plugins/in_cdda.dll

windows10-2004-x64

3

Plugins/in_mp3.dll

windows7-x64

1

Plugins/in_mp3.dll

windows10-2004-x64

1

Plugins/in_wave.dll

windows7-x64

1

Plugins/in_wave.dll

windows10-2004-x64

1

Plugins/out_ds.dll

windows7-x64

1

Plugins/out_ds.dll

windows10-2004-x64

1

Plugins/out_wave.dll

windows7-x64

1

Plugins/out_wave.dll

windows10-2004-x64

1

Plugins/vis_nsfs.dll

windows7-x64

1

Plugins/vis_nsfs.dll

windows10-2004-x64

1

winamp.exe

windows7-x64

4

winamp.exe

windows10-2004-x64

4

winampa.exe

windows7-x64

1

winampa.exe

windows10-2004-x64

1

winampmb.htm

windows7-x64

1

winampmb.htm

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 10:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugins/out_wave.dll

  • Size

    13KB

  • MD5

    07cdd40209bbc53722913745dde3932d

  • SHA1

    3b236e0f8375da631a9ecd16902b327219c141e8

  • SHA256

    46d433f97518c985a4822cbf3ddd598f6c364949eb5d55122e4e0f16f78cf1fe

  • SHA512

    0b255fa9f17bdcff7f10c718d7732e5d1ca2e9896789f18926a61d13c3f8f0343db546b273971f013d5b00487e529ea3a604e595ee0051cce1a8b926c2b45f1f

  • SSDEEP

    192:jjk9e5XFwRKaKwbL05LuJ2ItxONwMn/7HkO8A4IohiEc0jf6Y6i8O7:T2JXqLurY7Em4bho0r6l

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\out_wave.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3100
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\out_wave.dll,#1
      2⤵
        PID:4656

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads