Overview

overview

3

Static

static

3

DeviceCenter.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-05-2024 12:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DeviceCenter.dll

  • Size

    392KB

  • MD5

    1342e02044ddfe766dcdf84f0df6b444

  • SHA1

    4a939dabd7a8d941ea6d12bb1ca87b29690458ed

  • SHA256

    95057092ef37c9a35dff800bd2b15aac735e2a25cc8a059961a924c97c623e39

  • SHA512

    74b1ec85d7994d19681008558c853132ed45431acb43713c89e463e20530e4d44e49efc1bea9e8d70c7e765d357b2d785f7726eccfe2f6d711301300c4f0efe3

  • SSDEEP

    6144:EWNjhAL6Nfg1PeWEXSPS6dJZW0GpU5qG64yPP6dg33x1Kp:EMQ6hePwSK6qz46PlvU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\DeviceCenter.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\DeviceCenter.dll,#1
      2⤵
        PID:4452
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3988 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:3540

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads