Overview

overview

10

Static

static

10

v2dc/123.exe

windows10-1703-x64

10

v2dc/DCRat.exe

windows10-1703-x64

7

v2dc/back.gif

windows10-1703-x64

1

v2dc/config.cson

windows10-1703-x64

3

v2dc/data/7zxa.dll

windows10-1703-x64

3

v2dc/data/DCRAC.exe

windows10-1703-x64

1

v2dc/data/DCRCC.exe

windows10-1703-x64

3

v2dc/data/Default.exe

windows10-1703-x64

1

v2dc/data/NCC2.dll

windows10-1703-x64

1

v2dc/data/NCC3.dll

windows10-1703-x64

3

v2dc/data/NCCheck.dll

windows10-1703-x64

1

v2dc/data/Rar.exe

windows10-1703-x64

3

v2dc/data/RarExt.dll

windows10-1703-x64

3

v2dc/data/...64.dll

windows10-1703-x64

3

v2dc/data/WinCon.exe

windows10-1703-x64

1

v2dc/data/Zip.exe

windows10-1703-x64

1

v2dc/data/dnlib.dll

windows10-1703-x64

1

v2dc/data/...le.exe

windows10-1703-x64

7

v2dc/data/...or.exe

windows10-1703-x64

7

v2dc/data/enc.vbe

windows10-1703-x64

1

v2dc/data/kll.temp

windows10-1703-x64

3

v2dc/data/upx.exe

windows10-1703-x64

7

v2dc/data/wRar.exe

windows10-1703-x64

4

v2dc/desig...d.json

windows10-1703-x64

3

v2dc/desig...t.json

windows10-1703-x64

3

v2dc/desig...l.json

windows10-1703-x64

3

v2dc/desig...n.json

windows10-1703-x64

3

v2dc/desig...n.json

windows10-1703-x64

3

v2dc/desig...n.json

windows10-1703-x64

3

v2dc/desig...y.json

windows10-1703-x64

3

v2dc/desig...l.json

windows10-1703-x64

3

v2dc/desig...n.json

windows10-1703-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    136s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/06/2024, 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    v2dc/data/7zxa.dll

  • Size

    155KB

  • MD5

    786d4c74c05832a652be5c0a559be1e6

  • SHA1

    56bc5cf0bef56565da871af9e10ac8c2302d2ad7

  • SHA256

    d0680ac62e94f953df031533acd0acb718ad8494f938d84198c655507709e5df

  • SHA512

    29cf07d3acceb716a2e9ec66434170ba7f15c5af3c843253d72be6f7bf1ab942a6e098a423beb33efb9fbf8bb6c967c34d4dedf65aca72984c6aa70c58e0eeb4

  • SSDEEP

    3072:QwBYN3i204AHpzTjaLd4+OTpLcl28hpQplf4btKL6mCF:E3cp3jaLupLc3fclAKmJ

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\v2dc\data\7zxa.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4364
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\v2dc\data\7zxa.dll,#1
      2⤵
        PID:3012
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3012 -s 616
          3⤵
          • Program crash
          PID:4044
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3012 -s 660
          3⤵
          • Program crash
          PID:1872

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads