Overview

overview

7

Static

static

7

readme.url

windows7-x64

6

readme.url

windows10-2004-x64

3

下载王w...om.url

windows7-x64

1

下载王w...om.url

windows10-2004-x64

1

易语言�...EL.dll

windows7-x64

7

易语言�...EL.dll

windows10-2004-x64

7

易语言�...xt.dll

windows7-x64

1

易语言�...xt.dll

windows10-2004-x64

1

易语言�...t2.dll

windows7-x64

1

易语言�...t2.dll

windows10-2004-x64

1

易语言�...et.dll

windows7-x64

1

易语言�...et.dll

windows10-2004-x64

1

易语言�...ln.dll

windows7-x64

1

易语言�...ln.dll

windows10-2004-x64

1

易语言�...p3.dll

windows7-x64

1

易语言�...p3.dll

windows10-2004-x64

1

易语言�...ec.dll

windows7-x64

1

易语言�...ec.dll

windows10-2004-x64

1

易语言�....0.exe

windows7-x64

1

易语言�....0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    62s
  • max time network
    52s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-04-2024 09:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    易语言邮箱客户端/pop3.dll

  • Size

    164KB

  • MD5

    68a3720cb4bb5d079b90867177a7bbf3

  • SHA1

    75f5b5de69757293dae3eff7c5561938f7c1dc4d

  • SHA256

    ffb23a6c07ee55e2801761faaa6160c1529ad3d17797a9e1e549c3a493e53fc3

  • SHA512

    d1cdad2b7ad241ff5df7298baa854f13d71d1e5a1c61998905228636ce4f11d792ce429b39337c7f70385c6f3995c68f2fce4ace1ce80d551f1ae29d61028a5c

  • SSDEEP

    3072:/ipEtFbthgqh3hN/UtuYWctn99gh0Y8qOF8mvdo7U:/ipwb/gqh3hdUtGct92h0YGSU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\易语言邮箱客户端\pop3.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4912
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\易语言邮箱客户端\pop3.dll,#1
      2⤵
        PID:412

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads