Analysis

  • max time kernel
    137s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-05-2024 07:17

General

  • Target

    $TEMP/public_ftp/VB7TLDUI.dll

  • Size

    15KB

  • MD5

    0e492f70d49ed66ff7471d87c59f3489

  • SHA1

    b35d34c232903f4ff0aa8de5082d1bccdd78cf67

  • SHA256

    c94c8a2709401aad4a1e59ef412db3c12aff855b85fcdfe635e70b0ea2420aa1

  • SHA512

    1f796a2c1360a41a7558b57043c09b2ebeef5fdeaab71cc53af0d28d9b467f43d5a6aee9b4adb0f17adee5f1d4458dbe9e374815fe434f8e8c278fe829a909d6

  • SSDEEP

    192:laUmA3jzxOnLkv6N3Xz6vrkonZCwnRDcWWqf7L/CldolMvMjGwPgMvws+ebMNOk9:AncYD6LIwnVcWjTLCcY+wCbsOc9j

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$TEMP\public_ftp\VB7TLDUI.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$TEMP\public_ftp\VB7TLDUI.dll,#1
      2⤵
        PID:2576

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads