Overview

overview

10

Static

static

1

FL64 (scaled).exe

windows7-x64

5

FL64 (scaled).exe

windows10-2004-x64

5

FL64.exe

windows7-x64

5

FL64.exe

windows10-2004-x64

5

FLEngine_x64.dll

windows7-x64

10

FLEngine_x64.dll

windows10-2004-x64

5

FLEngine_x...y1.dll

windows7-x64

5

FLEngine_x...y1.dll

windows10-2004-x64

5

FLEngine_x...y2.dll

windows7-x64

5

FLEngine_x...y2.dll

windows10-2004-x64

5

FLEngine_x...y3.dll

windows7-x64

5

FLEngine_x...y3.dll

windows10-2004-x64

5

FLEngine_x...y4.dll

windows7-x64

5

FLEngine_x...y4.dll

windows10-2004-x64

5

FLEngine_x...y5.dll

windows7-x64

5

FLEngine_x...y5.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    120s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    09-05-2024 18:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FLEngine_x64_Copy4.dll

  • Size

    63.3MB

  • MD5

    06bb6dde5c9adbac93470ed86ce7d5ff

  • SHA1

    46fc43590d6d4c4f04f23ab0eb6f8f602e7e731a

  • SHA256

    2a44a8af200c4ee36de4b0f91471ffca82ce25e0fe90401d64a9d4c01b9f9525

  • SHA512

    5399dbdf1c523ae86956b3a774996cbe0276fb1ca08919564f7669e8cb695711dc9830cbf751cf4479d2bb08f982193c22e00a8be34c5466c9567287a45d8c23

  • SSDEEP

    786432:iJfMakY21meWZcB9fM/4F+cJ/HKYVVCmS0fkrw632FfsjA2E27Dy:ek+W/FRsYVV0/rVmEE2h7+

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\FLEngine_x64_Copy4.dll,#1
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2040-0-0x0000000077570000-0x0000000077572000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2040-4-0x0000000077570000-0x0000000077572000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2040-5-0x000000006F920000-0x00000000739A7000-memory.dmp

    Filesize

    64.5MB

    Download

  • memory/2040-2-0x0000000077570000-0x0000000077572000-memory.dmp

    Filesize

    8KB

    Download