Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-04-2024 11:22

General

  • Target

    5f01eb447cb63c40c2d923b15c5ecb5ba47ea72e600797d5d96e228f4cf13f13.dll

  • Size

    247KB

  • MD5

    c4df0507f56e30b264c848c6096b69ae

  • SHA1

    09841dc9c6f1d2e38d104da514901fbcd028a8f9

  • SHA256

    5f01eb447cb63c40c2d923b15c5ecb5ba47ea72e600797d5d96e228f4cf13f13

  • SHA512

    56a9778bdc8a8c86a3947594502ec46136cf4ed9c7bdc71c15630659b4c310bc42a89a995a192fbde0b29f3c8cd0c31a2fd50e10cffde11b5a74fb8eadd8df92

  • SSDEEP

    6144:Kw7pPIEmwwD8xijj1WSo0+doNzpCUBlHI:kEmfAM1+doXHI

Score
10/10

Malware Config

Signatures

  • BEATDROP

    BEATDROP is a loader which uses Atlassian's Trello service as C&C.

  • Detects BEATDROP loader (1 IoC)
  • Blocklisted process makes network request (12 IoCs)

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5f01eb447cb63c40c2d923b15c5ecb5ba47ea72e600797d5d96e228f4cf13f13.dll,#1
    • Blocklisted process makes network request
    PID:2492

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2492-0-0x00000000776E0000-0x0000000077889000-memory.dmp

    Filesize

    1.7MB

  • memory/2492-1-0x00000000660C0000-0x0000000066107000-memory.dmp

    Filesize

    284KB

  • memory/2492-3-0x00000000776E0000-0x0000000077889000-memory.dmp

    Filesize

    1.7MB