Analysis
- max time kernel: 133s
- max time network: 126s
- platform: windows10-2004_x64
- resource: win10v2004-20240226-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 23-03-2024 12:59
Behavioral task | Sample | Resource
behavioral1 | DJ/EThread.dll | win7-20240221-en
behavioral2 | DJ/EThread.dll | win10v2004-20240226-en
behavioral3 | DJ/downlib.dll | win7-20240221-en
behavioral4 | DJ/downlib.dll | win10v2004-20240226-en
behavioral5 | DJ/exui.dll | win7-20240221-en
behavioral6 | DJ/exui.dll | win10v2004-20240226-en
behavioral7 | DJ/iconv.dll | win7-20240220-en
behavioral8 | DJ/iconv.dll | win10v2004-20231215-en
behavioral9 | DJ/krnln.dll | win7-20240221-en
behavioral10 | DJ/krnln.dll | win10v2004-20240226-en
behavioral11 | DJ/mp3.dll | win7-20240221-en
behavioral12 | DJ/mp3.dll | win10v2004-20240226-en
behavioral13 | DJ/spec.dll | win7-20240221-en
behavioral14 | DJ/spec.dll | win10v2004-20240226-en
behavioral15 | DJ/DJֺ.exe | win7-20240221-en
behavioral16 | DJ/DJֺ.exe | win10v2004-20240319-en
General
- Target: DJ/exui.dll
- Size: 3.0MB
- MD5: 02d1ad1610384c574984bcf42db4cd07
- SHA1: a3ce8f2e27231a4447fd262fdc2af92de1dd8cfe
- SHA256: 226a42db5a80dddcafef3897a4e3b017c984bb3466ab9ccb1d1767ad574845a3
- SHA512: a4d77a019f2a6ba66a3dbce855c5feefae986e417b1d068047c9fbde81aa4cbe3c4700bca6d35e660a02666e216b5d02d778131927c25d0576164357876dea0a
- SSDEEP: 24576:dnlYDWw2uPN7h61tsZGsMZkD0VD+7mvy1zkk/r7VxoHDx5njiAvCkA6YRp+oM2MM:dF1+ULkj73cCioCC
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 3168 wrote to memory of 4976 | 3168 | rundll32.exe | rundll32.exe
PID 3168 wrote to memory of 4976 | 3168 | rundll32.exe | rundll32.exe
PID 3168 wrote to memory of 4976 | 3168 | rundll32.exe | rundll32.exe