Overview

overview

3

Static

static

3

PlantsVsZo...gm.exe

windows7-x64

1

PlantsVsZo...gm.exe

windows10-2004-x64

1

PlantsVsZo...ri.exe

windows7-x64

1

PlantsVsZo...ri.exe

windows10-2004-x64

1

bass.dll

windows7-x64

1

bass.dll

windows10-2004-x64

1

bass_b_2.dll

windows7-x64

1

bass_b_2.dll

windows10-2004-x64

1

gdi42.dll

windows7-x64

1

gdi42.dll

windows10-2004-x64

1

reanim/AC_...ent.js

windows7-x64

1

reanim/AC_...ent.js

windows10-2004-x64

1

samp.dll

windows7-x64

1

samp.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-04-2024 16:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bass.dll

  • Size

    90KB

  • MD5

    6731f160e001bb85ba930574b8d42776

  • SHA1

    aa2b48c55d9350be1ccf1dce921c33100e627378

  • SHA256

    3627adef7e04dd7aa9b8e116d0afc11dcee40d0e09d573210a4f86bdc81a80b6

  • SHA512

    07ae0cb85464b015b35e6157228775a6ac66e5e62a1b47f9395307b61176b6df835e00a1518846507718acffc271263008cc8a9b2c1e8a0192c5438774e12437

  • SSDEEP

    1536:lyKkZPP882+8hMJ8Y8bRVYvVqGWWkaloy4bFcx/Rus5Ay6X0T3VzkxH9J:NmNN8bRVYNqGzCy8RQwXQ3pKdJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\bass.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4068
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\bass.dll,#1
      2⤵
        PID:4352

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4352-0-0x0000000010000000-0x0000000010041000-memory.dmp

      Filesize

      260KB

      Download