d8ac592fd72b3af84d14f3e37222753e768f368f5e2fcee9aa6021ca2b9ca35f

Submit
Reports

Overview

overview

Static

static

malzero/#.bat

windows11-21h2-x64

malzero/Go...ro.url

windows11-21h2-x64

malzero/Go...ty.url

windows11-21h2-x64

malzero/abs.bat

windows11-21h2-x64

malzero/to...sc.exe

windows11-21h2-x64

malzero/to...kg.exe

windows11-21h2-x64

malzero/to...sh.exe

windows11-21h2-x64

malzero/to...ff.exe

windows11-21h2-x64

malzero/to...ep.exe

windows11-21h2-x64

malzero/to...ep.exe

windows11-21h2-x64

malzero/to...jq.exe

windows11-21h2-x64

malzero/to...ox.exe

windows11-21h2-x64

malzero/to...ep.exe

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-1.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to...-0.dll

windows11-21h2-x64

malzero/to..._1.dll

windows11-21h2-x64

malzero/to..._1.dll

windows11-21h2-x64

Analysis

max time kernel
140s
max time network
173s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
19/02/2024, 16:38

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

2 signatures

Behavioral task

behavioral1

Sample

malzero/#.bat

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

malzero/Go to Malware Zero.url

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

malzero/Go to Virus Zero - Security Community.url

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

malzero/abs.bat

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

malzero/tools/binasc/binasc.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

malzero/tools/cmdbkg/cmdbkg.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

malzero/tools/dirhash/DirHash.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

malzero/tools/doff/doff.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

malzero/tools/grep/x64/grep.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

malzero/tools/grep/x86/grep.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

malzero/tools/jq/jq.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

malzero/tools/messagebox/MessageBox.exe

Resource

win11-20240214-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

malzero/tools/nosleep/NoSleep.exe

Resource

win11-20240214-en

upx

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

malzero/tools/openssl/api-ms-win-core-file-l1-2-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

malzero/tools/openssl/api-ms-win-core-file-l2-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

malzero/tools/openssl/api-ms-win-core-localization-l1-2-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

malzero/tools/openssl/api-ms-win-core-processthreads-l1-1-1.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

malzero/tools/openssl/api-ms-win-core-synch-l1-2-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

malzero/tools/openssl/api-ms-win-core-timezone-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

malzero/tools/openssl/api-ms-win-crt-convert-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

malzero/tools/openssl/api-ms-win-crt-environment-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

malzero/tools/openssl/api-ms-win-crt-filesystem-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

malzero/tools/openssl/api-ms-win-crt-heap-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

malzero/tools/openssl/api-ms-win-crt-locale-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

malzero/tools/openssl/api-ms-win-crt-math-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

malzero/tools/openssl/api-ms-win-crt-runtime-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

malzero/tools/openssl/api-ms-win-crt-stdio-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

malzero/tools/openssl/api-ms-win-crt-string-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

malzero/tools/openssl/api-ms-win-crt-time-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

malzero/tools/openssl/api-ms-win-crt-utility-l1-1-0.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

malzero/tools/openssl/libcrypto-1_1.dll

Resource

win11-20240214-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

malzero/tools/openssl/libssl-1_1.dll

Resource

win11-20240214-en

windows11-21h2-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

malzero/tools/openssl/api-ms-win-core-processthreads-l1-1-1.dll
Size

18KB
MD5

c2ead5fcce95a04d31810768a3d44d57
SHA1

96e791b4d217b3612b0263e8df2f00009d5af8d8
SHA256

42a9a3d8a4a7c82cb6ec42c62d3a522daa95beb01ecb776aac2bfd4aa1e58d62
SHA512

c90048481d8f0a5eda2eb6e7703b5a064f481bb7d8c78970408b374cb82e89febc2e36633f1f3e28323fb633d6a95aa1050a626cb0cb5ec62e9010491aae91f4
SSDEEP

192:QgxDfIeJWVghW/c7l9YOCAs/nGfe4pBjSfxyWNArXVWQ4mWgBHqnaj9RlS6V6Qg:JDfIeJW2hWk7QA0GftpBjxdBHlBRAky

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2196 wrote to memory of 1440	2196	rundll32.exe	78
PID 2196 wrote to memory of 1440	2196	rundll32.exe	78
PID 2196 wrote to memory of 1440	2196	rundll32.exe	78

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\malzero\tools\openssl\api-ms-win-core-processthreads-l1-1-1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2196
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\malzero\tools\openssl\api-ms-win-core-processthreads-l1-1-1.dll,#1
  2⤵
  PID:1440

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads