Overview
overview
3Static
static
33dfx.dll
windows7-x64
13dfx.dll
windows10-2004-x64
1SLAVEZERO.exe
windows7-x64
1SLAVEZERO.exe
windows10-2004-x64
1SlaveZero.exe
windows7-x64
1SlaveZero.exe
windows10-2004-x64
1d3d.dll
windows7-x64
3d3d.dll
windows10-2004-x64
3scripts/wCamera.dll
windows7-x64
1scripts/wCamera.dll
windows10-2004-x64
1scripts/wDSound.dll
windows7-x64
1scripts/wDSound.dll
windows10-2004-x64
1scripts/wG...pt.dll
windows7-x64
1scripts/wG...pt.dll
windows10-2004-x64
1scripts/wHud.dll
windows7-x64
1scripts/wHud.dll
windows10-2004-x64
1scripts/wInputKBM.dll
windows7-x64
1scripts/wInputKBM.dll
windows10-2004-x64
1scripts/z3DAudio.dll
windows7-x64
1scripts/z3DAudio.dll
windows10-2004-x64
1scripts/zAPC.dll
windows7-x64
1scripts/zAPC.dll
windows10-2004-x64
1scripts/zA...io.dll
windows7-x64
1scripts/zA...io.dll
windows10-2004-x64
1scripts/zA...er.dll
windows7-x64
1scripts/zA...er.dll
windows10-2004-x64
3scripts/zArbiter.dll
windows7-x64
1scripts/zArbiter.dll
windows10-2004-x64
1scripts/zAvenger.dll
windows7-x64
1scripts/zAvenger.dll
windows10-2004-x64
1scripts/zBeam.dll
windows7-x64
1scripts/zBeam.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
28/03/2024, 16:42
Static task
static1
Behavioral task
behavioral1
Sample
3dfx.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
3dfx.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
SLAVEZERO.exe
Resource
win7-20240319-en
windows7-x64
Behavioral task
behavioral4
Sample
SLAVEZERO.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
SlaveZero.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral6
Sample
SlaveZero.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
d3d.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral8
Sample
d3d.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
scripts/wCamera.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
scripts/wCamera.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
scripts/wDSound.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
scripts/wDSound.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
scripts/wGameScript.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
scripts/wGameScript.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
scripts/wHud.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
scripts/wHud.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
scripts/wInputKBM.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
scripts/wInputKBM.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
scripts/z3DAudio.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral20
Sample
scripts/z3DAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
scripts/zAPC.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
scripts/zAPC.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
scripts/zAmbientAudio.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral24
Sample
scripts/zAmbientAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
scripts/zAnimPlayer.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral26
Sample
scripts/zAnimPlayer.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
scripts/zArbiter.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral28
Sample
scripts/zArbiter.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
scripts/zAvenger.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
scripts/zAvenger.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
scripts/zBeam.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
scripts/zBeam.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
scripts/zArbiter.dll
-
Size
33KB
-
MD5
da8ff70faa18664815bc46f5233b8c91
-
SHA1
a551a53615a5ea564520ae853067c9c704288bee
-
SHA256
94963dfeb096cfac8991965507919f05111a7c26bf35f7bf7f2b58ed3fe081c7
-
SHA512
9f38425d58e8b88643f806704c2cdb9440fa2d53e04303cdae5765000d2989e84adab3fae07faeba340dacd2405d81e9b21d6d3f2aff5f3fb33b96a5cbfd367f
-
SSDEEP
768:/ZzebXSz9duJPWijlPiO5bx8roVYB5vf2XdWkYyHZ8YPoKeisE7Zjp:eXSRduRliO5N8cV853Q7Z8+
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28 PID 1568 wrote to memory of 2104 1568 rundll32.exe 28