Overview: overview (score 9)
Static: static (score 9)
Awesomium.dll, windows11-21h2-x64 (score 3)
AwesomiumProcess.exe, windows11-21h2-x64 (score 1)
Core.dll, windows11-21h2-x64 (score 1)
D3DDrv.dll, windows11-21h2-x64 (score 1)
D3DX9_40.dll, windows11-21h2-x64 (score 3)
DSETUP.dll, windows11-21h2-x64 (score 7)
Engine.dll, windows11-21h2-x64 (score 1)
Fire.dll, windows11-21h2-x64 (score 1)
L2.exe, windows11-21h2-x64 (score 7)
clmods.dll, windows11-21h2-x64 (score 5)
en-US.dll, windows11-21h2-x64 (score 1)
l2.exe, windows11-21h2-x64 (score 7)
Analysis
max time kernel: 449s
max time network: 454s
platform: windows11-21h2_x64
resource: win11-20231215-en
resource tags: arch:x64, arch:x86, image:win11-20231215-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 06-02-2024 00:08
Behavioral task behavioral1, Sample: Awesomium.dll, Resource: win11-20231222-en
Behavioral task behavioral2, Sample: AwesomiumProcess.exe, Resource: win11-20231222-en
Behavioral task behavioral3, Sample: Core.dll, Resource: win11-20231215-en
Behavioral task behavioral4, Sample: D3DDrv.dll, Resource: win11-20231222-en
Behavioral task behavioral5, Sample: D3DX9_40.dll, Resource: win11-20231215-en
Behavioral task behavioral6, Sample: DSETUP.dll, Resource: win11-20231222-en
Behavioral task behavioral7, Sample: Engine.dll, Resource: win11-20231222-en
Behavioral task behavioral8, Sample: Fire.dll, Resource: win11-20231215-en
Behavioral task behavioral9, Sample: L2.exe, Resource: win11-20231215-en
Behavioral task behavioral10, Sample: clmods.dll, Resource: win11-20231215-en
Behavioral task behavioral11, Sample: en-US.dll, Resource: win11-20231222-en
Behavioral task behavioral12, Sample: l2.exe, Resource: win11-20231222-en
General
Target: Core.dll
Size: 1.7MB
MD5: 0ca58aaed4ac332cd29c37575d1e65d0
SHA1: 39cc72e01b703fb8b7e415685d08dbda623f8f3a
SHA256: a9664894775635033e7b9d7b1dba0d01a08ac6c3a9b8abf8942b158731245c60
SHA512: cb4c35103d56774c6a496d8552c888a142f6e2fd03c39fd768f0170ee96c151fed9f9b99da3ed4a74899e8ce66225402c5fde28224cc34e2ee63c6ddf266e3a1
SSDEEP: 24576:VBYJcKiH/estoQ7Y4AG/SLAruP7+6nHamVb9k83SyssexOZk6gQVkWEKDdBw:fNKimst77/QP7++Vb9kswokMVjFY
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description                        pid    process        target process
PID 4556 wrote to memory of 792    4556   rundll32.exe   rundll32.exe
PID 4556 wrote to memory of 792    4556   rundll32.exe   rundll32.exe
PID 4556 wrote to memory of 792    4556   rundll32.exe   rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/792-0-0x0000000015000000-0x00000000156D7000-memory.dmp
Filesize: 6.8MB