Overview

overview

7

Static

static

3

sr-bandlet...ry.iso

windows7-x64

3

sr-bandlet...ry.iso

windows10-2004-x64

3

out.iso

windows7-x64

1

out.iso

windows10-2004-x64

1

SKIDROW/Ba...64.dll

windows7-x64

7

SKIDROW/Ba...64.dll

windows10-2004-x64

7

SKIDROW/Ba...pi.ini

windows7-x64

1

SKIDROW/Ba...pi.ini

windows10-2004-x64

1

SKIDROW/Ba...64.dll

windows7-x64

7

SKIDROW/Ba...64.dll

windows10-2004-x64

7

SKIDROW/Ba...64.dll

windows7-x64

1

SKIDROW/Ba...64.dll

windows10-2004-x64

1

SKIDROW/Ba...64.dll

windows7-x64

1

SKIDROW/Ba...64.dll

windows10-2004-x64

1

autorun.inf

windows7-x64

1

autorun.inf

windows10-2004-x64

1

setup.exe

windows7-x64

7

setup.exe

windows10-2004-x64

7

skidrow.bin

windows7-x64

3

skidrow.bin

windows10-2004-x64

3

Analysis

  • max time kernel
    114s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/02/2024, 23:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKIDROW/Bandle Tale_Data/Plugins/x86_64/steam_api64.dll

  • Size

    291KB

  • MD5

    4fab60a16aefe38b56817e8dd2b98bcf

  • SHA1

    44013e54a990f6b0cdb3da44248729bce4ce903e

  • SHA256

    af1ae1533ddb0e8842d1f806118b230df8b8e6179acff6c1c36a986beb219799

  • SHA512

    c155d5aa1f61cb47c6cfeb22b3715890f0169f72b67056cc94cef71d7226392d451e9fb488ce45abcc2457aba311ed8c918e879e79401125f47bc6d813ad3c1f

  • SSDEEP

    3072:B8Y+BDOgGIWcXSEJeRhqTMdU55UuT7+7JtN3RUOj65lhTbCMTiGu2ZvJpKCZyq+B:BYPNrQheMW5vTKxRo8CgCZyqO2CMHOYS

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\SKIDROW\Bandle Tale_Data\Plugins\x86_64\steam_api64.dll",#1
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    PID:4556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\SKIDROW\Bandle Tale_Data\Plugins\x86_64\steam_api.ini
    Filesize

    1KB

    MD5

    a3ae6379f71300e8f3de6d201c727c2d

    SHA1

    a6ede93514a08b173f242d22be4f9cd82da1ed6e

    SHA256

    bf5fd4359abb46c667f7a138e5bffc6e5657797db1a7cd7b3fca0525850241d9

    SHA512

    4aeeae3f24c62ee67568e46ea421f3172d03bffa5687caddc6c4e1ed06af02ce771ed5dd73ebb08ebcdb161c569000bedb0ce1c86ab918dfa69551ecafffcbd9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\tier0_s64.dll
    Filesize

    291KB

    MD5

    f3db5801dc9b75da671b39041e2e8bcf

    SHA1

    40d0ae44e090db49b2309fb152fbd3e11124a376

    SHA256

    a44e5537939ae4eebc69000589aa9b2437a667813a1657cc779198bae9b815a9

    SHA512

    9abeb8542ce48f3d263e9924a82cafa80b42b730636f1df6e594679482b6638997563b5d752d5505f25596a5d0e2f56f1255e4a94bb9523d47c180bc131e22f9

    Download Submit

  • memory/4556-15-0x00007FF931F40000-0x00007FF931F41000-memory.dmp

    Filesize

    4KB

    Download