Overview

overview

9

Static

static

9

360Base64.dll

windows7-x64

1

360Base64.dll

windows10-2004-x64

1

7za.dll

windows7-x64

1

7za.dll

windows10-2004-x64

3

DumpCreator_x64.exe

windows7-x64

1

DumpCreator_x64.exe

windows10-2004-x64

1

DumpUper.exe

windows7-x64

6

DumpUper.exe

windows10-2004-x64

6

GameMemoryOpt.dll

windows7-x64

1

GameMemoryOpt.dll

windows10-2004-x64

1

GameMemoryOpt_x64.dll

windows7-x64

4

GameMemoryOpt_x64.dll

windows10-2004-x64

4

LDSGameHal...ll.exe

windows7-x64

6

LDSGameHal...ll.exe

windows10-2004-x64

6

LDSGamePla...or.dll

windows7-x64

1

LDSGamePla...or.dll

windows10-2004-x64

1

LDSGameVer.dll

windows7-x64

1

LDSGameVer.dll

windows10-2004-x64

1

Plugin/Con...er.dll

windows7-x64

1

Plugin/Con...er.dll

windows10-2004-x64

1

Plugin/Con...ub.dll

windows7-x64

1

Plugin/Con...ub.dll

windows10-2004-x64

1

Plugin/PopMgr.dll

windows7-x64

1

Plugin/PopMgr.dll

windows10-2004-x64

1

Plugin/PopMgrStub.dll

windows7-x64

1

Plugin/PopMgrStub.dll

windows10-2004-x64

1

Plugin/Run...on.dll

windows7-x64

1

Plugin/Run...on.dll

windows10-2004-x64

1

Plugin/She...64.dll

windows7-x64

4

Plugin/She...64.dll

windows10-2004-x64

4

Plugin/She...86.dll

windows7-x64

1

Plugin/She...86.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-05-2024 00:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugin/ConfigCenter.dll

  • Size

    443KB

  • MD5

    e3c6ab52c6ed4d14e7fbfc32309f3ba9

  • SHA1

    f372c4a8599d46ae23ccc9325a08b9da689d86de

  • SHA256

    c0d5a190b0daa1e06ddbe5801827b50eedf6bf70bd48271686a613726c97d04d

  • SHA512

    ce8e2fb5c982b8c0c4622416d4af5a7a648eb793e027ecec6ee522b1cd7119490e682398a2847fe4c7e19b7a525577e5ae978544bc647d1a879a825957149d9b

  • SSDEEP

    6144:iCkfLsNQigo5pnev/CX7OXcwxhH7n1W7FDcYBXAOQtghUau6:i1AaiTvneH+7OXR5w5AYBX22O6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugin\ConfigCenter.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1468
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugin\ConfigCenter.dll,#1
      2⤵
        PID:3928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads