Analysis
-
max time kernel
128s -
max time network
142s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
-
submitted
11-04-2024 00:50
General
-
Target
$TEMP/dxredist/dsetup32.dll
-
Size
1.5MB
-
MD5
d8fa7bb4fe10251a239ed75055dd6f73
-
SHA1
76c4bd2d8f359f7689415efc15e3743d35673ae8
-
SHA256
fb0e534f9b0926e518f1c2980640dfd29f14217cdfa37cf3a0c13349127ed9a8
-
SHA512
73f633179b1340c1c14d0002b72e44cab1919d0ef174f307e4bfe6de240b0b6ef233e67a8b0a0cd677556865ee7b88c6de152045a580ab9fbf1a50d2db0673b4
-
SSDEEP
24576:CIQ+ddddddddddddddxOOOOOOOOOOOOOO2iWeXiWeXiWeXiWeXiWeXiWeXiWeXi+:CIQsOOOOOOOOOOOOOO2iWeXiWeXiWeXf
Malware Config
Signatures
-
Drops file in Windows directory 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$TEMP\dxredist\dsetup32.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$TEMP\dxredist\dsetup32.dll,#12⤵
- Drops file in Windows directory
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
186B
MD5bf50890b865f775c9f91c88ec2735610
SHA1b883c581753978410b7f5350bd4e73774d2edfcc
SHA256bb851d23b7bcf5bf4c32cb4b7629d729ff91a54801792e8327a3bca377c6eae7
SHA512602f6634f9a0836c18c10216ac4182a26a5c67c93ca8aeff6328ccbc91bb3677b208384a49d772dab26a7da7f54afbdbb98160306dacfb41506f1c2e09361aba
-
Filesize
679B
MD56d15734249b1ea7920bdabe7c8b5b27b
SHA1faf66ad0467909e5a4641b8efc81f4d03e12cad9
SHA2564a1aac91c68ee9fbe9914468b55dd8f09eb16bd85f4b400a2be8b99f196e8beb
SHA51211e438209dabbb4827c16e69f85470e2edad8202951d0510d50b9c8f503ab4032c7c4765e66610bc88533237e465a6c6f29d4252376e7d4717e99c36d1c2740b