Overview

overview

8

Static

static

3

winamp5666...ux.exe

windows7-x64

8

winamp5666...ux.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LS.dll

windows7-x64

1

$PLUGINSDI...LS.dll

windows10-2004-x64

1

$PLUGINSDI...64.exe

windows7-x64

1

$PLUGINSDI...64.exe

windows10-2004-x64

1

$PLUGINSDI...64.exe

windows7-x64

$PLUGINSDI...64.exe

windows10-2004-x64

$PLUGINSDI...64.sys

windows7-x64

1

$PLUGINSDI...64.sys

windows10-2004-x64

1

$PLUGINSDI...64.exe

windows7-x64

5

$PLUGINSDI...64.exe

windows10-2004-x64

5

$PLUGINSDI...64.exe

windows7-x64

$PLUGINSDI...64.exe

windows10-2004-x64

$PLUGINSDI...2k.sys

windows7-x64

1

$PLUGINSDI...2k.sys

windows10-2004-x64

1

$PLUGINSDI...xp.sys

windows7-x64

1

$PLUGINSDI...xp.sys

windows10-2004-x64

1

$PLUGINSDI...2k.sys

windows7-x64

1

$PLUGINSDI...2k.sys

windows10-2004-x64

1

$PLUGINSDI...px.dll

windows7-x64

1

$PLUGINSDI...px.dll

windows10-2004-x64

1

$PLUGINSDI...fs.dll

windows7-x64

1

$PLUGINSDI...fs.dll

windows10-2004-x64

1

$PLUGINSDI...rv.dll

windows7-x64

1

$PLUGINSDI...rv.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 16:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/PrimoRedist/px.dll

  • Size

    682KB

  • MD5

    dbb66b386c194a58e29e49d7ebbebe65

  • SHA1

    78dced6be8870938a2c8fefb1b5b884159e5fb21

  • SHA256

    309a40e28271eee4e41cdb5cd1f83c0087702d42f9fc3a87d62f9f30dd53d68d

  • SHA512

    6a49783c86f2bdb6cb522f0e53a6e653eccb89b1a2d0d800bfae499d304cad173f621d9dad7765a13848a1e8bc4da355d94fc1a4bbf2beb5c4d999ea79257764

  • SSDEEP

    12288:YhT+GE8INwK4VhupUoh/o/mKg8+ncSFL1T5iU2DF6mHmzazrr32ceMtw/g+CB:YhSXjz8hupUotimPcSFLwjeMtw/g+CB

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\PrimoRedist\px.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\PrimoRedist\px.dll,#1
      2⤵
        PID:2140

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads