Overview

overview

7

Static

static

3

11880711c8...18.exe

windows7-x64

7

11880711c8...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ow.dll

windows7-x64

3

$PLUGINSDI...ow.dll

windows10-2004-x64

3

$R2/CrashRpt1403.dll

windows7-x64

1

$R2/CrashRpt1403.dll

windows10-2004-x64

1

$R2/CrashS...03.exe

windows7-x64

1

$R2/CrashS...03.exe

windows10-2004-x64

1

$R2/GAME.exe

windows7-x64

1

$R2/GAME.exe

windows10-2004-x64

1

$R2/SDL2.dll

windows7-x64

1

$R2/SDL2.dll

windows10-2004-x64

1

$R2/SDL2_ttf.dll

windows7-x64

1

$R2/SDL2_ttf.dll

windows10-2004-x64

1

$R2/WOL/PATCHW32.dll

windows7-x64

3

$R2/WOL/PATCHW32.dll

windows10-2004-x64

3

$R2/WOL/REGISTER.exe

windows7-x64

1

$R2/WOL/REGISTER.exe

windows10-2004-x64

1

$R2/WOL/WOLAPI.dll

windows7-x64

1

$R2/WOL/WOLAPI.dll

windows10-2004-x64

1

$R2/WOL/WO...er.dll

windows7-x64

1

$R2/WOL/WO...er.dll

windows10-2004-x64

1

$R2/WOL/unins000.exe

windows7-x64

7

$R2/WOL/unins000.exe

windows10-2004-x64

7

$R2/ddraw.dll

windows7-x64

1

$R2/ddraw.dll

windows10-2004-x64

3

$R2/libfreetype-6.dll

windows7-x64

3

$R2/libfreetype-6.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/05/2024, 04:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $R2/SDL2.dll

  • Size

    983KB

  • MD5

    ae58662a16410481b477b78b8d47460b

  • SHA1

    fb8b1ba166913c18eb00f8ca53439d0f4ee54359

  • SHA256

    a23d944bea101c574875c13883088798cfda712de969dd14f529e870a0de87da

  • SHA512

    93280d9ab366b3dfae6e40e50984764fab7be6ca6bd2b5a24d1182d67f06f9cc50203cc3d01a4232593c0c1ad03dfae56e119286d10b78d2e3d57b394bda8778

  • SSDEEP

    24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$R2\SDL2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4208
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$R2\SDL2.dll,#1
      2⤵
        PID:3748

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads