Overview

overview

9

Static

static

9

Awesomium.dll

windows11-21h2-x64

3

AwesomiumProcess.exe

windows11-21h2-x64

1

Core.dll

windows11-21h2-x64

1

D3DDrv.dll

windows11-21h2-x64

1

D3DX9_40.dll

windows11-21h2-x64

3

DSETUP.dll

windows11-21h2-x64

7

Engine.dll

windows11-21h2-x64

1

Fire.dll

windows11-21h2-x64

1

L2.exe

windows11-21h2-x64

7

clmods.dll

windows11-21h2-x64

5

en-US.dll

windows11-21h2-x64

1

l2.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    449s
  • max time network
    454s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06-02-2024 00:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Core.dll

  • Size

    1.7MB

  • MD5

    0ca58aaed4ac332cd29c37575d1e65d0

  • SHA1

    39cc72e01b703fb8b7e415685d08dbda623f8f3a

  • SHA256

    a9664894775635033e7b9d7b1dba0d01a08ac6c3a9b8abf8942b158731245c60

  • SHA512

    cb4c35103d56774c6a496d8552c888a142f6e2fd03c39fd768f0170ee96c151fed9f9b99da3ed4a74899e8ce66225402c5fde28224cc34e2ee63c6ddf266e3a1

  • SSDEEP

    24576:VBYJcKiH/estoQ7Y4AG/SLAruP7+6nHamVb9k83SyssexOZk6gQVkWEKDdBw:fNKimst77/QP7++Vb9kswokMVjFY

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Core.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4556
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Core.dll,#1
      2⤵
        PID:792

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/792-0-0x0000000015000000-0x00000000156D7000-memory.dmp
      Filesize

      6.8MB

      Download