Overview

overview

7

Static

static

3

HandBrake-...UI.exe

windows7-x64

4

HandBrake-...UI.exe

windows10-2004-x64

5

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

HandBrake.Worker.exe

windows7-x64

1

HandBrake.Worker.exe

windows10-2004-x64

1

HandBrake.exe

windows7-x64

1

HandBrake.exe

windows10-2004-x64

7

hb.dll

windows7-x64

1

hb.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29-04-2024 04:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hb.dll

  • Size

    66.1MB

  • MD5

    d3f0f312725a18d683820cd9def15860

  • SHA1

    521a515d3683e4c37500fcd6576aa19bffa0e512

  • SHA256

    0af40481a7c392c68069b1a8c225beb3e7062760131ae09bad467d84b09c1862

  • SHA512

    08a346c13f9c602e8ff51c3f461dc9002dc5ac1f16e975e53f39e094d9fa7f7934e7ef63daaedf10d0524b80308dd6ee792e706b3999cafa0fd07ce4f76ce2e0

  • SSDEEP

    393216:trqy505Di6M+Ak+rymPyujJ6ze7jyIoPkoQBgTgrti6o0rYEtHTghJL5FR0J2KBg:trV6M+Ak+GRWjyItng8YGmNFWv/dZw

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\hb.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2352 -s 184
      2⤵
        PID:2064

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2352-0-0x000007FEDC970000-0x000007FEE2339000-memory.dmp

      Filesize

      89.8MB

      Download