Overview

overview

5

Static

static

3

R3nzSkin/R3nzSkin.dll

windows11-21h2-x64

5

R3nzSkin/pZxBhFcO.exe

windows11-21h2-x64

1

Resubmissions

22-02-2024 11:52

240222-n169lagf8w 5

22-02-2024 11:49

240222-ny4exsha97 6

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-02-2024 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    R3nzSkin/R3nzSkin.dll

  • Size

    743KB

  • MD5

    ae236f0b75d2fc9ef9bd5f8ee7b42237

  • SHA1

    18ce44a1406e5e050c4e4b714f09cbfc61a8aa37

  • SHA256

    f35963ddb24aa1152029f6aa1ffbb41b7f4b0ba6e67db694489960f5f5d8051b

  • SHA512

    d072330966d10b277e1117d1e9a4b2f108461e57ce46226aa23b37e7e13cdfc342ca325c22f8e889f0398e2938aadd7a7197fb10bfefabd489bbb30fe6ed16e3

  • SSDEEP

    12288:uLv0kWITsKjQhagM7/kICy2G5YhwLUP7EOVNPtZkicIn7oql:uAUQhaL7/kePLyYkNlGicIn7

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\R3nzSkin\R3nzSkin.dll,#1
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:1920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads