Overview

overview

7

Static

static

7

91vpn(3.5....pn.exe

windows7-x64

7

91vpn(3.5....pn.exe

windows10-2004-x64

7

91vpn(3.5....ce.dll

windows7-x64

7

91vpn(3.5....ce.dll

windows10-2004-x64

7

91vpn(3.5....xy.dll

windows7-x64

7

91vpn(3.5....xy.dll

windows10-2004-x64

7

91vpn(3.5....00.dll

windows7-x64

1

91vpn(3.5....00.dll

windows10-2004-x64

1

91vpn(3.5....00.dll

windows7-x64

3

91vpn(3.5....00.dll

windows10-2004-x64

3

91vpn(3.5....00.dll

windows7-x64

3

91vpn(3.5....00.dll

windows10-2004-x64

3

91vpn(3.5....er.exe

windows7-x64

7

91vpn(3.5....er.exe

windows10-2004-x64

7

91vpn(3.5....il.dll

windows7-x64

7

91vpn(3.5....il.dll

windows10-2004-x64

7

91vpn(3.5....CN.dll

windows7-x64

1

91vpn(3.5....CN.dll

windows10-2004-x64

1

QQ自动�...ad.dll

windows7-x64

1

QQ自动�...ad.dll

windows10-2004-x64

1

QQ自动�...ew.dll

windows7-x64

1

QQ自动�...ew.dll

windows10-2004-x64

1

QQ自动�...er.dll

windows7-x64

1

QQ自动�...er.dll

windows10-2004-x64

1

QQ自动�...p1.dll

windows7-x64

3

QQ自动�...p1.dll

windows10-2004-x64

3

QQ自动�...PI.dll

windows7-x64

1

QQ自动�...PI.dll

windows10-2004-x64

1

QQ自动�...et.dll

windows7-x64

1

QQ自动�...et.dll

windows10-2004-x64

1

QQ自动�...xt.dll

windows7-x64

1

QQ自动�...xt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-06-2024 16:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QQ自动加群王V3.3 2014_破解版/EThread.dll

  • Size

    60KB

  • MD5

    db8d34f80e6b63fb68d862208b95fa05

  • SHA1

    903c9ddbaee99cf9204abbb0fea6c723baa412d3

  • SHA256

    9190853a5adc8d9e3409fcc6d8a2b8c059ee00023b1dc6a111e8cfbfcbba093b

  • SHA512

    6ef22edfa097e27d7e6f20e011671f9d195cf40436aba427814c2f33871a9d47d331b0d6c0f33beee7a56f5f90b02cb3a0c48d73a8de8a438f2618a2e6527382

  • SSDEEP

    768:362+frmFBZ7cJa/eDV6zMVMsWl1YUD6Rem5aBwLs7bSra/q6Fq4oO5Z3Vijg:33BcJa/eD3X66RN9Ls7bS2/jboy3Mj

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\QQ自动加群王V3.3 2014_破解版\EThread.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4036
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\QQ自动加群王V3.3 2014_破解版\EThread.dll",#1
      2⤵
        PID:1560

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1560-0-0x0000000010000000-0x000000001001C000-memory.dmp

      Filesize

      112KB

      Download