Overview
overview
7Static
static
3RStudio-20...02.exe
windows10-1703-x64
7resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...ng.dll
windows10-1703-x64
3resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1resources/...-0.dll
windows10-1703-x64
1Analysis
-
max time kernel
310s -
max time network
1226s -
platform
windows10-1703_x64 -
resource
win10-20240404-es -
resource tags
arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows -
submitted
19/04/2024, 06:11
Static task
static1
Behavioral task
behavioral1
Sample
RStudio-2023.12.1-402.exe
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral2
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-sysinfo-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral3
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-timezone-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral4
Sample
resources/app/bin/rsclang/x86/api-ms-win-core-util-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral5
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-conio-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral6
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-convert-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral7
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-environment-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral8
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-filesystem-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral9
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-heap-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral10
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-locale-l1-1-0.dll
Resource
win10-20240319-es
windows10-1703-x64
Behavioral task
behavioral11
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-math-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral12
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-multibyte-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral13
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-private-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral14
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-process-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral15
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-runtime-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral16
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-stdio-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral17
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-string-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral18
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-time-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral19
Sample
resources/app/bin/rsclang/x86/api-ms-win-crt-utility-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral20
Sample
resources/app/bin/rsclang/x86/libclang.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral21
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-console-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral22
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-console-l1-2-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral23
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-datetime-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral24
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-debug-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral25
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-errorhandling-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral26
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral27
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l1-2-0.dll
Resource
win10-20240319-es
windows10-1703-x64
Behavioral task
behavioral28
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-file-l2-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral29
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-handle-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral30
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-heap-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral31
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-interlocked-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
Behavioral task
behavioral32
Sample
resources/app/bin/rsclang/x86_64/api-ms-win-core-libraryloader-l1-1-0.dll
Resource
win10-20240404-es
windows10-1703-x64
General
-
Target
resources/app/bin/rsclang/x86/api-ms-win-crt-heap-l1-1-0.dll
-
Size
20KB
-
MD5
6521cf7e6a66c747726fd09e51a1f92d
-
SHA1
b89168c27063a2b4f81c69df4ce23f144b55bcc4
-
SHA256
dc8ae6136313ed0ee26aed6e9d3a192413d62e12c7c568fae5a7abb784ca4c72
-
SHA512
03a63ed3c2e0be3e1e918eb01e5fb722be06d8e32179782ed3f7106048f522426bda045cd3ae605a066403bded2621923a8c33d075bf8e11b58c432a69481ac2
-
SSDEEP
192:mzyY3vY17aFBR0WfhW4j240V2sms/nGfeggbtcunYqnajjhEJWWFYg7VWQ4mWBNT:mGY3eRWfhWkwLm0GfgulJiYkulJT
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 2420 3416 WerFault.exe 70 -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2932 wrote to memory of 3416 2932 rundll32.exe 70 PID 2932 wrote to memory of 3416 2932 rundll32.exe 70 PID 2932 wrote to memory of 3416 2932 rundll32.exe 70
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app\bin\rsclang\x86\api-ms-win-crt-heap-l1-1-0.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2932 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app\bin\rsclang\x86\api-ms-win-crt-heap-l1-1-0.dll,#12⤵PID:3416
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3416 -s 6163⤵
- Program crash
PID:2420
-
-