Overview

overview

7

Static

static

3

$RON9VYX.exe

windows7-x64

7

$RON9VYX.exe

windows10-2004-x64

4

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...id.dll

windows7-x64

3

$PLUGINSDI...id.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

1

$R2/NSIS.L...0_.exe

windows7-x64

1

$R2/NSIS.L...0_.exe

windows10-2004-x64

1

GPL.html

windows7-x64

1

GPL.html

windows10-2004-x64

1

filezilla.exe

windows7-x64

7

filezilla.exe

windows10-2004-x64

7

fzputtygen.exe

windows7-x64

1

fzputtygen.exe

windows10-2004-x64

1

fzsftp.exe

windows7-x64

1

fzsftp.exe

windows10-2004-x64

1

fzstorj.exe

windows7-x64

1

fzstorj.exe

windows10-2004-x64

1

libfilezilla-43.dll

windows7-x64

1

libfilezilla-43.dll

windows10-2004-x64

1

libfzclien...-0.dll

windows7-x64

1

libfzclien...-0.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-05-2024 15:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libfzclient-commonui-private-3-67-0.dll

  • Size

    611KB

  • MD5

    bcb38d316fbaea52928113c15d34e4f9

  • SHA1

    aa9acb9b154e9e9bc9142fd72f395b2c5ec6c645

  • SHA256

    204f83f6bbdb707ddad08949403512035f30c10dea6f034b2d41c065f0255f3e

  • SHA512

    d962d466ab4af8d9434d4ed1888331effaf6a1a0dc5d091c01a054c50283c7a739bfb615b762e1e806a9a70f8451d08e5ffdaba3393fabf6f2a6c878fa4e19f0

  • SSDEEP

    6144:7c1+MmxFlHVyQdpwaWJ8eho2e3zrJ2gLo4MVnmmaPyq8ub0LqDnKw37gn4+tc1Hp:+mxFl1yQpSgJgjVmPPygUoKw37f+tcCE

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\libfzclient-commonui-private-3-67-0.dll,#1
    1⤵
      PID:532

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/532-2-0x00007FF956DA0000-0x00007FF956EFD000-memory.dmp

      Filesize

      1.4MB

      Download

    • memory/532-7-0x00007FF94D6E0000-0x00007FF94D735000-memory.dmp

      Filesize

      340KB

      Download

    • memory/532-8-0x00007FF9471A0000-0x00007FF9473B3000-memory.dmp

      Filesize

      2.1MB

      Download

    • memory/532-6-0x00007FF956650000-0x00007FF956699000-memory.dmp

      Filesize

      292KB

      Download

    • memory/532-4-0x00007FF9473C0000-0x00007FF947464000-memory.dmp

      Filesize

      656KB

      Download

    • memory/532-3-0x00007FF9566A0000-0x00007FF95678F000-memory.dmp

      Filesize

      956KB

      Download

    • memory/532-1-0x00007FF95E8C0000-0x00007FF95E8E1000-memory.dmp

      Filesize

      132KB

      Download

    • memory/532-0-0x00007FF956FC0000-0x00007FF95705E000-memory.dmp

      Filesize

      632KB

      Download

    • memory/532-5-0x00007FF947470000-0x00007FF947657000-memory.dmp

      Filesize

      1.9MB

      Download