Overview

overview

3

Static

static

3

pugdogrun/GdiPlus.dll

windows7-x64

3

pugdogrun/GdiPlus.dll

windows10-2004-x64

3

pugdogrun/Idle.dll

windows7-x64

1

pugdogrun/Idle.dll

windows10-2004-x64

1

pugdogrun/...ce.dll

windows7-x64

3

pugdogrun/...ce.dll

windows10-2004-x64

3

pugdogrun/KTLog.dll

windows7-x64

3

pugdogrun/KTLog.dll

windows10-2004-x64

3

pugdogrun/...��.exe

windows7-x64

1

pugdogrun/...��.exe

windows10-2004-x64

1

pugdogrun/Support.dll

windows7-x64

3

pugdogrun/Support.dll

windows10-2004-x64

3

pugdogrun/mfc90.dll

windows7-x64

1

pugdogrun/mfc90.dll

windows10-2004-x64

1

pugdogrun/...hs.dll

windows7-x64

1

pugdogrun/...hs.dll

windows10-2004-x64

1

pugdogrun/...nu.dll

windows7-x64

1

pugdogrun/...nu.dll

windows10-2004-x64

1

pugdogrun/msctfm.exe

windows7-x64

1

pugdogrun/msctfm.exe

windows10-2004-x64

1

pugdogrun/msvcp90.dll

windows7-x64

1

pugdogrun/msvcp90.dll

windows10-2004-x64

1

pugdogrun/msvcr90.dll

windows7-x64

1

pugdogrun/msvcr90.dll

windows10-2004-x64

1

pugdogrun/pugdog.exe

windows7-x64

1

pugdogrun/pugdog.exe

windows10-2004-x64

1

pugdogrun/...��.url

windows7-x64

1

pugdogrun/...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/03/2024, 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pugdogrun/Idle.dll

  • Size

    40KB

  • MD5

    a61d1391792765eb347e616918adb5e8

  • SHA1

    2a12d12c1652c1380c801e2ba24aeff176c53493

  • SHA256

    a9130259952b760be208a07df8d024faa0f33baa78c04d7350e8e05ad683739c

  • SHA512

    21fa836f11a09ac6fb3e8b6d4df2e957b735d78608fd37f830dbd92ebd10d2732a4b8c87fa8001de2b6601e92ab41d8a09d2e669de8e2c3dc78228b551d5ee40

  • SSDEEP

    384:ZlDetDGh2L3XAUPvxoBWRldT+dYM0DqOKwnEsL:ZlDeZGo3QcldTAYM0DqOK0H

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\pugdogrun\Idle.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\pugdogrun\Idle.dll,#1
      2⤵
        PID:740

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads