Overview
overview
7Static
static
3RStudio-20...02.exe
windows10-1703-x64
7resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...ng.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1Analysis
-
max time kernel
300s -
max time network
1231s -
platform
windows10-1703_x64 -
resource
win10-20240404-es -
resource tags
arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows -
submitted
19/04/2024, 06:11
Static task
static1
Behavioral task
behavioral1
Sample
RStudio-2023.12.1-402.exe
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral2
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-sysinfo-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral3
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-timezone-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral4
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-util-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral5
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-conio-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral6
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-convert-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral7
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-environment-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral8
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-filesystem-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral9
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-heap-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral10
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-locale-l1-1-0.dll
Resource
win10-20240319-es
windows10-1703-x64
Behavioral task
behavioral11
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-math-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral12
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-multibyte-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral13
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-private-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral14
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-process-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral15
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-runtime-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral16
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-stdio-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral17
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-string-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral18
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-time-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral19
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-utility-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral20
Sample
resources/app/bin/rsclang/x86/libclang.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral21
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-console-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral22
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-console-l1-2-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral23
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-datetime-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral24
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-debug-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral25
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-errorhandling-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral26
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral27
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l1-2-0.dll
Resource
win10-20240319-es
windows10-1703-x64
Behavioral task
behavioral28
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l2-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral29
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-handle-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral30
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-heap-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral31
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-interlocked-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral32
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-libraryloader-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
General
-
Target
resources/app/bin/rsclang/x86/api-ms-win-crt-filesystem-l1-1-0.dll
-
Size
21KB
-
MD5
735d7e5ae0a53b644482f5e70efeff5d
-
SHA1
8e99689cf9d24aa4268a51bd377015e9d9ad7f64
-
SHA256
e9d88aa96743aa2ff29ac8d7930ba0c8ebb21372329a1bf5926cce59a4b39f4b
-
SHA512
12239d14a634b7cdaa07e39186b674bc905f73c928db5230752407650f274bd401d10487b3ac2c426cc8da708f0ca6fbaffc2a5075e299901961bd205ad7bbd8
-
SSDEEP
384:mZ5q6nWm5CpWfhWhLm0GfL9FBulJakAUulJk:d6nWm5Ce8RYFFC
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 4684 1748 WerFault.exe 73 -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 4720 wrote to memory of 1748 4720 rundll32.exe 73 PID 4720 wrote to memory of 1748 4720 rundll32.exe 73 PID 4720 wrote to memory of 1748 4720 rundll32.exe 73
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app\bin\rsclang\x86\api-ms-win-crt-filesystem-l1-1-0.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:4720 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app\bin\rsclang\x86\api-ms-win-crt-filesystem-l1-1-0.dll,#12⤵PID:1748
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1748 -s 6203⤵
- Program crash
PID:4684
-
-