Analysis
-
max time kernel
120s
-
max time network
123s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
-
submitted
23-03-2024 12:59
Behavioral task | Sample | Resource
behavioral1 | DJ/EThread.dll | win7-20240221-en
behavioral2 | DJ/EThread.dll | win10v2004-20240226-en
behavioral3 | DJ/downlib.dll | win7-20240221-en
behavioral4 | DJ/downlib.dll | win10v2004-20240226-en
behavioral5 | DJ/exui.dll | win7-20240221-en
behavioral6 | DJ/exui.dll | win10v2004-20240226-en
behavioral7 | DJ/iconv.dll | win7-20240220-en
behavioral8 | DJ/iconv.dll | win10v2004-20231215-en
behavioral9 | DJ/krnln.dll | win7-20240221-en
behavioral10 | DJ/krnln.dll | win10v2004-20240226-en
behavioral11 | DJ/mp3.dll | win7-20240221-en
behavioral12 | DJ/mp3.dll | win10v2004-20240226-en
behavioral13 | DJ/spec.dll | win7-20240221-en
behavioral14 | DJ/spec.dll | win10v2004-20240226-en
behavioral15 | DJ/DJֺ.exe | win7-20240221-en
behavioral16 | DJ/DJֺ.exe | win10v2004-20240319-en
General
-
Target
DJ/spec.dll
-
Size
72KB
-
MD5
bd6eef5ea9a52a412a8f57490d8bd8e4
-
SHA1
ab61ad7f66c5f6dfb8d28eba1833591469951870
-
SHA256
0c9e6eb8648f4bf5c585d5344035e91c3249bb9686a302503b4681b7ba828dc0
-
SHA512
1c43e50270eed071c8ef35e1c4695a93b9f98e668d4aebb44eb3b620efd2624b381554d2daf2d017f764b485e060abd589216043adea19eac94028ce66cc2025
-
SSDEEP
768:zFYJh2NrjSv4ol1WAHcTtEWC9Vm0yws7oP8NiB9EhyTWV/h2nokCqytGSgtvag/:zrrev4olRHcTtD0y7o0YUKokC7Idp
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe
PID 2232 wrote to memory of 1928 | 2232 | rundll32.exe | rundll32.exe