Overview

overview

7

Static

static

3

JIGUtility...zip.7z

windows10-2004-x64

7

JIGUtility...12.zip

windows10-2004-x64

1

JIGUtility....2.pdf

windows10-2004-x64

1

JIGUtility...SC.pdf

windows10-2004-x64

1

JIGUtility...PS.cmd

windows10-2004-x64

1

JIGUtility...LS.cmd

windows10-2004-x64

1

JIGUtility...rd.exe

windows10-2004-x64

1

JIGUtility...OP.pdf

windows10-2004-x64

1

JIGUtility...CT.exe

windows10-2004-x64

1

JIGUtility...CT.lua

windows10-2004-x64

3

JIGUtility...signed

windows10-2004-x64

3

JIGUtility...64.sys

windows10-2004-x64

1

JIGUtility...de.ini

windows10-2004-x64

1

JIGUtility...rm.ini

windows10-2004-x64

1

JIGUtility...de.ini

windows10-2004-x64

1

JIGUtility...re.dll

windows10-2004-x64

3

JIGUtility...e4.dll

windows10-2004-x64

3

JIGUtility...me.txt

windows10-2004-x64

1

JIGUtility...og.dll

windows10-2004-x64

1

JIGUtility...00.dll

windows10-2004-x64

3

JIGUtility...00.dll

windows10-2004-x64

3

JIGUtility...un.bat

windows10-2004-x64

1

JIGUtility....0.exe

windows10-2004-x64

7

JIGUtility...NV.pdf

windows10-2004-x64

1

JIGUtility...me.txt

windows10-2004-x64

1

Resubmissions

02-04-2024 18:02

240402-wmv86shb83 7

02-04-2024 17:49

240402-wd8g5sgh3s 7

Analysis

  • max time kernel
    1563s
  • max time network
    1571s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-04-2024 18:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JIGUtility_V2.0.8.0_20230112/ASUSR_ParsingRecord/ASUSR_ParsingRecord/encryptlog.dll

  • Size

    8KB

  • MD5

    247428532adad99033a09269e22ae413

  • SHA1

    260bbc18ed9eb0c3d3cb8fd0b6a04f4e020de55e

  • SHA256

    02fc1b602e832f2448c061a8d2496180ff7dc63979c111056155a2b75d3e4122

  • SHA512

    5bb9380b22c050c7591bc9dc578fb2c6ea72bf601022c7ccb55dda9a55f3899a7370c2c67f66092851c711ad1346976c36ab7d54bd484b54fda0d7d01cc6fef8

  • SSDEEP

    192:jWJLsEbrSYSWDXOXGKiMQ03X73s4Fm74:GLsEbnxXO0Mdr3HT

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\JIGUtility_V2.0.8.0_20230112\ASUSR_ParsingRecord\ASUSR_ParsingRecord\encryptlog.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3304
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\JIGUtility_V2.0.8.0_20230112\ASUSR_ParsingRecord\ASUSR_ParsingRecord\encryptlog.dll,#1
      2⤵
        PID:2148

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads