Analysis
max time kernel: 120s
max time network: 122s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 23-03-2024 12:59
Behavioral task | Sample | Resource
behavioral1 | DJ/EThread.dll | win7-20240221-en
behavioral2 | DJ/EThread.dll | win10v2004-20240226-en
behavioral3 | DJ/downlib.dll | win7-20240221-en
behavioral4 | DJ/downlib.dll | win10v2004-20240226-en
behavioral5 | DJ/exui.dll | win7-20240221-en
behavioral6 | DJ/exui.dll | win10v2004-20240226-en
behavioral7 | DJ/iconv.dll | win7-20240220-en
behavioral8 | DJ/iconv.dll | win10v2004-20231215-en
behavioral9 | DJ/krnln.dll | win7-20240221-en
behavioral10 | DJ/krnln.dll | win10v2004-20240226-en
behavioral11 | DJ/mp3.dll | win7-20240221-en
behavioral12 | DJ/mp3.dll | win10v2004-20240226-en
behavioral13 | DJ/spec.dll | win7-20240221-en
behavioral14 | DJ/spec.dll | win10v2004-20240226-en
behavioral15 | DJ/DJֺ.exe | win7-20240221-en
behavioral16 | DJ/DJֺ.exe | win10v2004-20240319-en
General
Target: DJ/iconv.dll
Size: 928KB
MD5: f6a2a92194fc69858ffa9aa1557454da
SHA1: 47dbb9abb4d83e2d21c6107c11244f8daae0cc5d
SHA256: 1b28d05c306b575319c6fb9b08276b2204a7b569d9e540879ce67c8d17640990
SHA512: 0bfecdc1bc39fdbb3820d88c93361af072f794a64b5394a745ce09b400badf4936dc633b4e5643bd18dc451344f91943febf1467988e9f5293e685757cd8fad0
SSDEEP: 24576:Ouqf2FfWl8KuqGavkg3NyNIbbbIoIBAUZLY:OV+s8KuqGaX0ToIBAUZLY
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe
PID 2388 wrote to memory of 2940 | 2388 | rundll32.exe | rundll32.exe