Overview

overview

7

Static

static

7

malzero/#.bat

windows11-21h2-x64

1

malzero/Go...ro.url

windows11-21h2-x64

1

malzero/Go...ty.url

windows11-21h2-x64

1

malzero/abs.bat

windows11-21h2-x64

1

malzero/to...sc.exe

windows11-21h2-x64

1

malzero/to...kg.exe

windows11-21h2-x64

1

malzero/to...sh.exe

windows11-21h2-x64

1

malzero/to...ff.exe

windows11-21h2-x64

1

malzero/to...ep.exe

windows11-21h2-x64

1

malzero/to...ep.exe

windows11-21h2-x64

1

malzero/to...jq.exe

windows11-21h2-x64

1

malzero/to...ox.exe

windows11-21h2-x64

1

malzero/to...ep.exe

windows11-21h2-x64

7

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-1.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

3

malzero/to...-0.dll

windows11-21h2-x64

3

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

3

malzero/to...-0.dll

windows11-21h2-x64

3

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to...-0.dll

windows11-21h2-x64

1

malzero/to..._1.dll

windows11-21h2-x64

3

malzero/to..._1.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    19/02/2024, 16:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    malzero/tools/openssl/api-ms-win-core-file-l2-1-0.dll

  • Size

    18KB

  • MD5

    bfb08fb09e8d68673f2f0213c59e2b97

  • SHA1

    e1e5ff4e7dd1c902afbe195d3e9fd2a7d4a539f2

  • SHA256

    6d5881719e9599bf10a4193c8e2ded2a38c10de0ba8904f48c67f2da6e84ed3e

  • SHA512

    e4f33306f3d06ea5c8e539ebdb6926d5f818234f481ff4605a9d5698ae8f2afdf79f194acd0e55ac963383b78bb4c9311ee97f3a188e12fbf2ee13b35d409900

  • SSDEEP

    192:WUWVghW/zvSx9YOCAs/nGfe4pBjSfEtcsWNArXVWQ4mWV9QqnajxcRGlPMRd54xS:WUW2hW7SUA0GftpBjBj3ll7PedGxC/

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\malzero\tools\openssl\api-ms-win-core-file-l2-1-0.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:360
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\malzero\tools\openssl\api-ms-win-core-file-l2-1-0.dll,#1
      2⤵
        PID:1628

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads