Overview

overview

5

Static

static

1

Setup.exe

windows11-21h2-x64

5

WCLDll.dll

windows11-21h2-x64

1

conquistador.wav

windows11-21h2-x64

1

maam.tar.gz

windows11-21h2-x64

3

msvcp140.dll

windows11-21h2-x64

3

ptMgr.dll

windows11-21h2-x64

1

ptusredt.dll

windows11-21h2-x64

1

vcruntime140.dll

windows11-21h2-x64

3

wbxtrace.dll

windows11-21h2-x64

1

Resubmissions

30/01/2024, 20:29

240130-y9r65sddem 10

27/01/2024, 22:52

240127-2tmhhafgbq 5

27/01/2024, 22:49

240127-2r7ewsffgq 7

Analysis

  • max time kernel
    87s
  • max time network
    88s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    27/01/2024, 22:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WCLDll.dll

  • Size

    590KB

  • MD5

    9005812bebfcc98db95def5b1c9b96f0

  • SHA1

    d85f085c59fe8cca75352399ebc8510e2799bf68

  • SHA256

    8acf6eea851ccd43a33eee9840794b9944eed61e5be0a7c403b79d3baa48940c

  • SHA512

    c25c4eaef2d40d5294fcd2b15f3065cb3c6cad19cc5c32da4a81b20d99023dbfcccfa5fbc2d79f45892f7d858c04d956f1734d0359054fae9e609a5d604ab0b1

  • SSDEEP

    12288:i+Se970XqzxUmUkVakh1d4wJjfXB7w86ywKUc6A9iSOJ7zP8cl7ksEjwdA9iOaQ:ce97qqzxXUkckh1d4wJjfB8vywKUc6A7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\WCLDll.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4384
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\WCLDll.dll,#1
      2⤵
        PID:1288

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads