80d21e26b7fb09b6e8095af1251045ca8542ff7f08f62736611ee2d5e0f575e1

Analysis

max time kernel
141s
max time network
124s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26/05/2024, 01:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

suyu-windows-mingw-20240410-0de49070e4_/Qt5Widgets.dll
Size

6.0MB
MD5

981ba519e797123fe920e2d05af2b23c
SHA1

f05da3ba4de834d048944ea7368152354625d34a
SHA256

1e3a84e0bc7e23db47ee6c50f7ceda1c4f29b6a4fbf9e0d13a01e3d0c0ef03f2
SHA512

6db7fd7c1223129ade30f820b2c6190b771a1022fda2a89e555f7a861d2fbe0233d58d178989a60ee67acd52cf5379969244a7ee95a3b37fe58c55825abd5aaf
SSDEEP

98304:SLQZP5W9a3BnGI913y0X8wuUtifOEb6nGk:3R8CEm

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 1812	2188	rundll32.exe	28
PID 2188 wrote to memory of 1812	2188	rundll32.exe	28
PID 2188 wrote to memory of 1812	2188	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\suyu-windows-mingw-20240410-0de49070e4_\Qt5Widgets.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2188 -s 252
  2⤵
  PID:1812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2188-0-0x000007FEF4950000-0x000007FEF5259000-memory.dmp

Filesize
9.0MB

Download
memory/2188-3-0x000007FEFB0C0000-0x000007FEFB0E5000-memory.dmp

Filesize
148KB

Download
memory/2188-7-0x000007FEF6B80000-0x000007FEF6C14000-memory.dmp

Filesize
592KB

Download
memory/2188-6-0x000007FEFB5A0000-0x000007FEFB5AE000-memory.dmp

Filesize
56KB

Download
memory/2188-5-0x000007FEF6C20000-0x000007FEF6D18000-memory.dmp

Filesize
992KB

Download
memory/2188-4-0x000007FEFBC60000-0x000007FEFBC77000-memory.dmp

Filesize
92KB

Download
memory/2188-2-0x000007FEF5260000-0x000007FEF58AE000-memory.dmp

Filesize
6.3MB

Download
memory/2188-1-0x000007FEF58B0000-0x000007FEF5E86000-memory.dmp

Filesize
5.8MB

Download
memory/2188-9-0x000007FEFB070000-0x000007FEFB096000-memory.dmp

Filesize
152KB

Download
memory/2188-8-0x000007FEF6240000-0x000007FEF6464000-memory.dmp

Filesize
2.1MB

Download
memory/2188-10-0x000007FEF6120000-0x000007FEF6240000-memory.dmp

Filesize
1.1MB

Download
memory/2188-14-0x0000000069CC0000-0x0000000069CDC000-memory.dmp

Filesize
112KB

Download
memory/2188-19-0x000007FEF4730000-0x000007FEF47D2000-memory.dmp

Filesize
648KB

Download
memory/2188-21-0x000007FEF6730000-0x000007FEF6770000-memory.dmp

Filesize
256KB

Download
memory/2188-20-0x0000000070540000-0x000000007056F000-memory.dmp

Filesize
188KB

Download
memory/2188-18-0x000007FEF7190000-0x000007FEF71C9000-memory.dmp

Filesize
228KB

Download
memory/2188-17-0x000007FEF47E0000-0x000007FEF4943000-memory.dmp

Filesize
1.4MB

Download
memory/2188-16-0x000007FEF78D0000-0x000007FEF78FD000-memory.dmp

Filesize
180KB

Download
memory/2188-15-0x000007FEFB050000-0x000007FEFB067000-memory.dmp

Filesize
92KB

Download
memory/2188-13-0x000007FEF5F20000-0x000007FEF5FDF000-memory.dmp

Filesize
764KB

Download
memory/2188-11-0x000007FEF4950000-0x000007FEF5259000-memory.dmp

Filesize
9.0MB

Download
memory/2188-12-0x000007FEF5FE0000-0x000007FEF611B000-memory.dmp

Filesize
1.2MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads