Overview

overview

3

Static

static

3

3dfx.dll

windows7-x64

1

3dfx.dll

windows10-2004-x64

1

SLAVEZERO.exe

windows7-x64

1

SLAVEZERO.exe

windows10-2004-x64

1

SlaveZero.exe

windows7-x64

1

SlaveZero.exe

windows10-2004-x64

1

d3d.dll

windows7-x64

3

d3d.dll

windows10-2004-x64

3

scripts/wCamera.dll

windows7-x64

1

scripts/wCamera.dll

windows10-2004-x64

1

scripts/wDSound.dll

windows7-x64

1

scripts/wDSound.dll

windows10-2004-x64

1

scripts/wG...pt.dll

windows7-x64

1

scripts/wG...pt.dll

windows10-2004-x64

1

scripts/wHud.dll

windows7-x64

1

scripts/wHud.dll

windows10-2004-x64

1

scripts/wInputKBM.dll

windows7-x64

1

scripts/wInputKBM.dll

windows10-2004-x64

1

scripts/z3DAudio.dll

windows7-x64

1

scripts/z3DAudio.dll

windows10-2004-x64

1

scripts/zAPC.dll

windows7-x64

1

scripts/zAPC.dll

windows10-2004-x64

1

scripts/zA...io.dll

windows7-x64

1

scripts/zA...io.dll

windows10-2004-x64

1

scripts/zA...er.dll

windows7-x64

1

scripts/zA...er.dll

windows10-2004-x64

3

scripts/zArbiter.dll

windows7-x64

1

scripts/zArbiter.dll

windows10-2004-x64

1

scripts/zAvenger.dll

windows7-x64

1

scripts/zAvenger.dll

windows10-2004-x64

1

scripts/zBeam.dll

windows7-x64

1

scripts/zBeam.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2024, 16:42 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    scripts/zArbiter.dll

  • Size

    33KB

  • MD5

    da8ff70faa18664815bc46f5233b8c91

  • SHA1

    a551a53615a5ea564520ae853067c9c704288bee

  • SHA256

    94963dfeb096cfac8991965507919f05111a7c26bf35f7bf7f2b58ed3fe081c7

  • SHA512

    9f38425d58e8b88643f806704c2cdb9440fa2d53e04303cdae5765000d2989e84adab3fae07faeba340dacd2405d81e9b21d6d3f2aff5f3fb33b96a5cbfd367f

  • SSDEEP

    768:/ZzebXSz9duJPWijlPiO5bx8roVYB5vf2XdWkYyHZ8YPoKeisE7Zjp:eXSRduRliO5N8cV853Q7Z8+

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\scripts\zArbiter.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1568
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\scripts\zArbiter.dll,#1
      2⤵
        PID:2104

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.