Overview
overview
3Static
static
3删后缀�...�1.rar
windows7-x64
3删后缀�...�1.rar
windows10-2004-x64
3RJ01082861...s.html
windows7-x64
1RJ01082861...s.html
windows10-2004-x64
1RJ01082861...47.dll
windows10-2004-x64
3RJ01082861...eg.dll
windows7-x64
1RJ01082861...eg.dll
windows10-2004-x64
1RJ01082861...GL.dll
windows7-x64
1RJ01082861...GL.dll
windows10-2004-x64
1RJ01082861...v2.dll
windows7-x64
1RJ01082861...v2.dll
windows10-2004-x64
1RJ01082861...nt.pak
windows7-x64
3RJ01082861...nt.pak
windows10-2004-x64
3RJ01082861...nt.pak
windows7-x64
3RJ01082861...nt.pak
windows10-2004-x64
3RJ01082861...e.json
windows7-x64
3RJ01082861...e.json
windows10-2004-x64
3RJ01082861...es.pak
windows7-x64
3RJ01082861...es.pak
windows10-2004-x64
3RJ01082861...ob.bin
windows7-x64
3RJ01082861...ob.bin
windows10-2004-x64
3RJ01082861...GL.dll
windows7-x64
1RJ01082861...GL.dll
windows10-2004-x64
1RJ01082861...v2.dll
windows7-x64
1RJ01082861...v2.dll
windows10-2004-x64
1RJ01082861...mm.dll
windows7-x64
1RJ01082861...mm.dll
windows10-2004-x64
1RJ01082861...rpgmvo
windows7-x64
3RJ01082861...rpgmvo
windows10-2004-x64
3RJ01082861...rpgmvo
windows7-x64
3RJ01082861...rpgmvo
windows10-2004-x64
3RJ01082861...rpgmvo
windows7-x64
3Analysis
-
max time kernel
121s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 08:09
Static task
static1
Behavioral task
behavioral1
Sample
删后缀解压 卷1.rar
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
删后缀解压 卷1.rar
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
RJ01082861-PC/credits.html
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral4
Sample
RJ01082861-PC/credits.html
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
RJ01082861-PC/d3dcompiler_47.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
RJ01082861-PC/ffmpeg.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral7
Sample
RJ01082861-PC/ffmpeg.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
RJ01082861-PC/libEGL.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral9
Sample
RJ01082861-PC/libEGL.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral10
Sample
RJ01082861-PC/libGLESv2.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral11
Sample
RJ01082861-PC/libGLESv2.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral12
Sample
RJ01082861-PC/nw_100_percent.pak
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral13
Sample
RJ01082861-PC/nw_100_percent.pak
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral14
Sample
RJ01082861-PC/nw_200_percent.pak
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral15
Sample
RJ01082861-PC/nw_200_percent.pak
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral16
Sample
RJ01082861-PC/package.json
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral17
Sample
RJ01082861-PC/package.json
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
RJ01082861-PC/resources.pak
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral19
Sample
RJ01082861-PC/resources.pak
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
RJ01082861-PC/snapshot_blob.bin
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral21
Sample
RJ01082861-PC/snapshot_blob.bin
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
RJ01082861-PC/swiftshader/libEGL.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral23
Sample
RJ01082861-PC/swiftshader/libEGL.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral24
Sample
RJ01082861-PC/swiftshader/libGLESv2.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral25
Sample
RJ01082861-PC/swiftshader/libGLESv2.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral26
Sample
RJ01082861-PC/winmm.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral27
Sample
RJ01082861-PC/winmm.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral28
Sample
RJ01082861-PC/www/audio/bgm/BGM_Futari.rpgmvo
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral29
Sample
RJ01082861-PC/www/audio/bgm/BGM_Futari.rpgmvo
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral30
Sample
RJ01082861-PC/www/audio/bgm/BGM_Junai1_Hinaso.rpgmvo
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral31
Sample
RJ01082861-PC/www/audio/bgm/BGM_Junai1_Hinaso.rpgmvo
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral32
Sample
RJ01082861-PC/www/audio/bgm/BGM_Junai3_Gazania.rpgmvo
Resource
win7-20240221-en
windows7-x64
General
-
Target
RJ01082861-PC/libEGL.dll
-
Size
77KB
-
MD5
abe4f600b47f8ebedf4291dcb4247ca3
-
SHA1
52f579d0b6a5d462855934671f819718853ac10b
-
SHA256
3237951e48aa59bb3ecca077f4d075cc7b414ad69e09d8e006eb36e1b38d86ab
-
SHA512
673745a5e94790534cab2e80b6e7641c3176d944ba52f542791cf16bae842e6e515348c2c5c185ca83f8aa8fc6b0994806abaa06198314fd2131a74e30a75a5c
-
SSDEEP
1536:ZxulvW1Gpq0cZ7WK+i8GpsunsW4cdWoROysCLgU:ZyqfL+kjnWorsCLh
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28 PID 1260 wrote to memory of 1112 1260 rundll32.exe 28