Overview

overview

7

Static

static

7

91vpn(3.5....pn.exe

windows7-x64

7

91vpn(3.5....pn.exe

windows10-2004-x64

7

91vpn(3.5....ce.dll

windows7-x64

7

91vpn(3.5....ce.dll

windows10-2004-x64

7

91vpn(3.5....xy.dll

windows7-x64

7

91vpn(3.5....xy.dll

windows10-2004-x64

7

91vpn(3.5....00.dll

windows7-x64

1

91vpn(3.5....00.dll

windows10-2004-x64

1

91vpn(3.5....00.dll

windows7-x64

3

91vpn(3.5....00.dll

windows10-2004-x64

3

91vpn(3.5....00.dll

windows7-x64

3

91vpn(3.5....00.dll

windows10-2004-x64

3

91vpn(3.5....er.exe

windows7-x64

7

91vpn(3.5....er.exe

windows10-2004-x64

7

91vpn(3.5....il.dll

windows7-x64

7

91vpn(3.5....il.dll

windows10-2004-x64

7

91vpn(3.5....CN.dll

windows7-x64

1

91vpn(3.5....CN.dll

windows10-2004-x64

1

QQ自动�...ad.dll

windows7-x64

1

QQ自动�...ad.dll

windows10-2004-x64

1

QQ自动�...ew.dll

windows7-x64

1

QQ自动�...ew.dll

windows10-2004-x64

1

QQ自动�...er.dll

windows7-x64

1

QQ自动�...er.dll

windows10-2004-x64

1

QQ自动�...p1.dll

windows7-x64

3

QQ自动�...p1.dll

windows10-2004-x64

3

QQ自动�...PI.dll

windows7-x64

1

QQ自动�...PI.dll

windows10-2004-x64

1

QQ自动�...et.dll

windows7-x64

1

QQ自动�...et.dll

windows10-2004-x64

1

QQ自动�...xt.dll

windows7-x64

1

QQ自动�...xt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-06-2024 16:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QQ自动加群王V3.3 2014_破解版/HtmlView.dll

  • Size

    216KB

  • MD5

    e527a74f8289e3775e593045d24eb37f

  • SHA1

    7ce6d4e3237d9e2ccaa0fac93eeebc75bcc684ed

  • SHA256

    da6fb3a53ceacd056736f0334b0aae053dfcabc4f47a26f1e30793ae3a9e940a

  • SHA512

    2288333e44a8af1afbbabe667a35936dc7cc393fafde7e67a6a13abaa72e569f52fa99283f25d563051e840f237c0446f829695e686262e943a066e238f31a4c

  • SSDEEP

    6144:rB734tS85aRhOAMMHwZI2yIBpT4JrXeTUWX:N34tS85azBHwZ9/4JK1

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\QQ自动加群王V3.3 2014_破解版\HtmlView.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3128
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\QQ自动加群王V3.3 2014_破解版\HtmlView.dll",#1
      2⤵
        PID:3464

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3464-0-0x0000000010000000-0x0000000010039000-memory.dmp

      Filesize

      228KB

      Download