Overview

overview

3

Static

static

3

FEAR2Mouse..._3.zip

windows10-1703-x64

1

FEAR2Mouse..._3.zip

windows10-2004-x64

1

README.md

windows10-1703-x64

3

README.md

windows10-2004-x64

3

README.pdf

windows10-1703-x64

1

README.pdf

windows10-2004-x64

1

X3DAudio1_5.dll

windows10-1703-x64

3

X3DAudio1_5.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    23-04-2024 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    X3DAudio1_5.dll

  • Size

    360KB

  • MD5

    056d575ee0efab6ce57318aac4c388e1

  • SHA1

    23ea544c27e47d288a82d5481b003a1f7ec3693c

  • SHA256

    d70564bf2f33e440fef53f65b795ac8cb2353301b216b7a25830682135de8400

  • SHA512

    98f20e19cecb56776aba63e428ef3f8c1466f7b0db7cd7edbdf171ad359e3032a00ae26e9c4fee34a68ef516f93555cb6726d03ba531da640085aae8f359bd62

  • SSDEEP

    6144:dCJNX3pEiPgGRu0TOr7jmv2HvxtObVco8ea56XibqBYb3wUfulcfAOzqwOsoDB:dCJNX3pEiPgEO7a2HOb7k56XimQw8kc0

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\X3DAudio1_5.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3516
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\X3DAudio1_5.dll,#1
      2⤵
        PID:4192
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4192 -s 632
          3⤵
          • Program crash
          PID:696

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads