Overview
overview
3Static
static
33dfx.dll
windows7-x64
13dfx.dll
windows10-2004-x64
1SLAVEZERO.exe
windows7-x64
1SLAVEZERO.exe
windows10-2004-x64
1SlaveZero.exe
windows7-x64
1SlaveZero.exe
windows10-2004-x64
1d3d.dll
windows7-x64
3d3d.dll
windows10-2004-x64
3scripts/wCamera.dll
windows7-x64
1scripts/wCamera.dll
windows10-2004-x64
1scripts/wDSound.dll
windows7-x64
1scripts/wDSound.dll
windows10-2004-x64
1scripts/wG...pt.dll
windows7-x64
1scripts/wG...pt.dll
windows10-2004-x64
1scripts/wHud.dll
windows7-x64
1scripts/wHud.dll
windows10-2004-x64
1scripts/wInputKBM.dll
windows7-x64
1scripts/wInputKBM.dll
windows10-2004-x64
1scripts/z3DAudio.dll
windows7-x64
1scripts/z3DAudio.dll
windows10-2004-x64
1scripts/zAPC.dll
windows7-x64
1scripts/zAPC.dll
windows10-2004-x64
1scripts/zA...io.dll
windows7-x64
1scripts/zA...io.dll
windows10-2004-x64
1scripts/zA...er.dll
windows7-x64
1scripts/zA...er.dll
windows10-2004-x64
3scripts/zArbiter.dll
windows7-x64
1scripts/zArbiter.dll
windows10-2004-x64
1scripts/zAvenger.dll
windows7-x64
1scripts/zAvenger.dll
windows10-2004-x64
1scripts/zBeam.dll
windows7-x64
1scripts/zBeam.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
131s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
28/03/2024, 16:42
Static task
static1
Behavioral task
behavioral1
Sample
3dfx.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
3dfx.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
SLAVEZERO.exe
Resource
win7-20240319-en
windows7-x64
Behavioral task
behavioral4
Sample
SLAVEZERO.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
SlaveZero.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral6
Sample
SlaveZero.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
d3d.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral8
Sample
d3d.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
scripts/wCamera.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
scripts/wCamera.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
scripts/wDSound.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
scripts/wDSound.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
scripts/wGameScript.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
scripts/wGameScript.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
scripts/wHud.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
scripts/wHud.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
scripts/wInputKBM.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
scripts/wInputKBM.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
scripts/z3DAudio.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral20
Sample
scripts/z3DAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
scripts/zAPC.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
scripts/zAPC.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
scripts/zAmbientAudio.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral24
Sample
scripts/zAmbientAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
scripts/zAnimPlayer.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral26
Sample
scripts/zAnimPlayer.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
scripts/zArbiter.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral28
Sample
scripts/zArbiter.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
scripts/zAvenger.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
scripts/zAvenger.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
scripts/zBeam.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
scripts/zBeam.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
scripts/zAnimPlayer.dll
-
Size
6KB
-
MD5
3fe41d9d7d104912ca2d0660825e4ccb
-
SHA1
cc0790c29d6c7f363a245578e59be1cb5416fc88
-
SHA256
cb349ffb36ba18289051d8287f8d640e11604eb990ac9317ac811769db281e68
-
SHA512
07b0ec6cf12b21133c5b268557df304bfb95c026b229c3ce3dfd95d09ad24d53e719302fe5d995758bf3a4f003a3311b8141242c4c9bffc4115a4fc8344234ee
-
SSDEEP
96:slYmg8QiwVe2pd4dzhNv4zevR66f4uS4J2XQ:saBeMd4/df4oJ2g
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28 PID 2356 wrote to memory of 2392 2356 rundll32.exe 28