Overview
overview
3Static
static
33dfx.dll
windows7-x64
13dfx.dll
windows10-2004-x64
1SLAVEZERO.exe
windows7-x64
1SLAVEZERO.exe
windows10-2004-x64
1SlaveZero.exe
windows7-x64
1SlaveZero.exe
windows10-2004-x64
1d3d.dll
windows7-x64
3d3d.dll
windows10-2004-x64
3scripts/wCamera.dll
windows7-x64
1scripts/wCamera.dll
windows10-2004-x64
1scripts/wDSound.dll
windows7-x64
1scripts/wDSound.dll
windows10-2004-x64
1scripts/wG...pt.dll
windows7-x64
1scripts/wG...pt.dll
windows10-2004-x64
1scripts/wHud.dll
windows7-x64
1scripts/wHud.dll
windows10-2004-x64
1scripts/wInputKBM.dll
windows7-x64
1scripts/wInputKBM.dll
windows10-2004-x64
1scripts/z3DAudio.dll
windows7-x64
1scripts/z3DAudio.dll
windows10-2004-x64
1scripts/zAPC.dll
windows7-x64
1scripts/zAPC.dll
windows10-2004-x64
1scripts/zA...io.dll
windows7-x64
1scripts/zA...io.dll
windows10-2004-x64
1scripts/zA...er.dll
windows7-x64
1scripts/zA...er.dll
windows10-2004-x64
3scripts/zArbiter.dll
windows7-x64
1scripts/zArbiter.dll
windows10-2004-x64
1scripts/zAvenger.dll
windows7-x64
1scripts/zAvenger.dll
windows10-2004-x64
1scripts/zBeam.dll
windows7-x64
1scripts/zBeam.dll
windows10-2004-x64
1Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
28-03-2024 16:42
Static task
static1
Behavioral task
behavioral1
Sample
3dfx.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
3dfx.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
SLAVEZERO.exe
Resource
win7-20240319-en
windows7-x64
Behavioral task
behavioral4
Sample
SLAVEZERO.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
SlaveZero.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral6
Sample
SlaveZero.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
d3d.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral8
Sample
d3d.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
scripts/wCamera.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
scripts/wCamera.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
scripts/wDSound.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
scripts/wDSound.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
scripts/wGameScript.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
scripts/wGameScript.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
scripts/wHud.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
scripts/wHud.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
scripts/wInputKBM.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
scripts/wInputKBM.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
scripts/z3DAudio.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral20
Sample
scripts/z3DAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
scripts/zAPC.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
scripts/zAPC.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
scripts/zAmbientAudio.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral24
Sample
scripts/zAmbientAudio.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
scripts/zAnimPlayer.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral26
Sample
scripts/zAnimPlayer.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
scripts/zArbiter.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral28
Sample
scripts/zArbiter.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
scripts/zAvenger.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
scripts/zAvenger.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
scripts/zBeam.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
scripts/zBeam.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
scripts/zBeam.dll
-
Size
7KB
-
MD5
6585ea55b2219f4bfa66c32eca802658
-
SHA1
350340ea930db8a811bbc21deb1dc9e5f014b921
-
SHA256
e8afbc1657d2df978953ad7e11e173e4e381abd94e244f4b98f3f21d6b2d26fd
-
SHA512
e321b6f83e78ad6fa4ec2a0d5c717cadefdbd693580e38126fabd34e4f6aee4070ca7b20894d06802157ca007efb3b6b9bb038f5a33c5dde01e0f4ad6b2b358a
-
SSDEEP
96:t/MDxu83zk3Uf9Cv2cIoZq8yR9+7wV3BAMpE7ZmceWzh6XYDbs7:t/Ax3YkFCv2Mc8yRjBHKtPjbs
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28 PID 2524 wrote to memory of 2088 2524 rundll32.exe 28