Overview

overview

3

Static

static

3

Plants.Vs....US.dll

windows7-x64

1

Plants.Vs....US.dll

windows10-2004-x64

1

Plants.Vs....re.dll

windows7-x64

1

Plants.Vs....re.dll

windows10-2004-x64

1

Plants.Vs....er.exe

windows7-x64

1

Plants.Vs....er.exe

windows10-2004-x64

1

Plants.Vs....er.exe

windows7-x64

1

Plants.Vs....er.exe

windows10-2004-x64

1

Plants.Vs....ss.exe

windows7-x64

1

Plants.Vs....ss.exe

windows10-2004-x64

1

Plants.Vs....e4.dll

windows7-x64

3

Plants.Vs....e4.dll

windows10-2004-x64

3

Plants.Vs....i4.dll

windows7-x64

3

Plants.Vs....i4.dll

windows10-2004-x64

3

Plants.Vs....k4.dll

windows7-x64

3

Plants.Vs....k4.dll

windows10-2004-x64

3

Plants.Vs....t4.dll

windows7-x64

1

Plants.Vs....t4.dll

windows10-2004-x64

1

Plants.Vs....l4.dll

windows7-x64

3

Plants.Vs....l4.dll

windows10-2004-x64

3

Plants.Vs....s4.dll

windows7-x64

3

Plants.Vs....s4.dll

windows10-2004-x64

3

Plants.Vs....on.exe

windows7-x64

1

Plants.Vs....on.exe

windows10-2004-x64

1

Plants.Vs....wc.dll

windows7-x64

1

Plants.Vs....wc.dll

windows10-2004-x64

1

Plants.Vs....s4.dll

windows7-x64

1

Plants.Vs....s4.dll

windows10-2004-x64

1

Plants.Vs....d4.dll

windows7-x64

1

Plants.Vs....d4.dll

windows10-2004-x64

1

Plants.Vs....s4.dll

windows7-x64

1

Plants.Vs....s4.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    02-02-2024 07:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plants.Vs.Zombies.GOTY/Plants Vs Zombies GOTY/Plants vs. Zombies/Core/EACore.dll

  • Size

    11.1MB

  • MD5

    543636660ffe7180354adcae5de50282

  • SHA1

    bbb11c99e89d55b326aa7a8d0dda62ddf6fba39f

  • SHA256

    e42aa8de59069383f816bc92a23aebad31054fcb1d08567b87d5d39d7b5e29d4

  • SHA512

    f6d09fb4b304192131d36297d15b2ff71b7c9246dd825add06d4c9135099c1d855e547ebbdcd9e00c68f3b059f117bbd2f000ad57413a17af360989a4827caf7

  • SSDEEP

    98304:kt9tEE1vlHCyszDDa3mHjghVfcLFwIh/PTiCAOQbja:UNpCFX0mHjsVf8Fw6TiCAtG

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Plants.Vs.Zombies.GOTY\Plants Vs Zombies GOTY\Plants vs. Zombies\Core\EACore.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1592
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Plants.Vs.Zombies.GOTY\Plants Vs Zombies GOTY\Plants vs. Zombies\Core\EACore.dll",#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2184
      • C:\Users\Admin\AppData\Local\Temp\PLANTS~1.GOT\PLANTS~1\PLANTS~1.ZOM\Core\EACoreServer.exe
        "C:\Users\Admin\AppData\Local\Temp\PLANTS~1.GOT\PLANTS~1\PLANTS~1.ZOM\Core\EACoreServer.exe" -CoreServerId="Access3Test"
        3⤵
          PID:2176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\ProgramData\Electronic Arts\EA Core\logs\Access3Test.log
      Filesize

      1KB

      MD5

      e99900fc27afe29fb38476db8e4cbf4f

      SHA1

      5c7c2fbe6c02801d7b054483d58e01f5aabe7cba

      SHA256

      01b93be9deb25b4045b2183e186e3d31bcb1f0e20be87668926a5850978e91df

      SHA512

      e43764a7464c12d20e9155362128fd9d1da65abd90bafaa6d8be173b69102d1b1d43cd16c51fb6c76718ff16d0ccea5dd6e5bae55474b46da2e1c34c79bf58a1

      Download Submit

    • C:\ProgramData\Electronic Arts\EA Core\prefs\Access3Test.ini
      Filesize

      744B

      MD5

      2d7bfebb5aaa13ed1efcd7b1b7ba0571

      SHA1

      452d4bb8f6163a6f6050a9d441eef859503fb888

      SHA256

      fbdaf364bee6c371c095982b5955d51e8fc18c7dab1769539242d767e0ea3500

      SHA512

      90d3274e232f2a9d2674c2b2341c9544de4a5b80974b4dab0cd6cfe7ce078b3172445b562c80a09a2e8065cade4011a238be52193c85b728fa6fead84b7aaba5

      Download Submit