Overview

overview

10

Static

static

3

Rainmeter-4.5.18.exe

windows7-x64

4

Rainmeter-4.5.18.exe

windows10-2004-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

Plugins/Ac...er.dll

windows7-x64

1

Plugins/Ac...er.dll

windows10-2004-x64

1

Plugins/Ad...PU.dll

windows7-x64

1

Plugins/Ad...PU.dll

windows10-2004-x64

1

Plugins/Au...el.dll

windows7-x64

1

Plugins/Au...el.dll

windows10-2004-x64

1

Plugins/CoreTemp.dll

windows7-x64

1

Plugins/CoreTemp.dll

windows10-2004-x64

1

Plugins/FileView.dll

windows7-x64

1

Plugins/FileView.dll

windows10-2004-x64

1

Plugins/Fo...fo.dll

windows7-x64

1

Plugins/Fo...fo.dll

windows10-2004-x64

1

Plugins/InputText.dll

windows7-x64

3

Plugins/InputText.dll

windows10-2004-x64

3

Plugins/PerfMon.dll

windows7-x64

1

Plugins/PerfMon.dll

windows10-2004-x64

1

Plugins/Pi...in.dll

windows7-x64

1

Plugins/Pi...in.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/06/2024, 10:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Plugins/AudioLevel.dll

  • Size

    166KB

  • MD5

    9b81a346383d152c2dbd7df6778596f4

  • SHA1

    e6bd3a9d390b8f0d33ecc42e735e512aad5df77d

  • SHA256

    37d3094cf0dd66efdb239752cf2b62ba53dc3d6408fb738f9ee403524f5c1f55

  • SHA512

    5cb5a8147434b4ed87d24f574c4f65ec10432d078b41cb06d835c3a3163eabf68b59d9c78e2c535b16528f6027a0300d493d12f176193218ea1221c4c679a4c0

  • SSDEEP

    3072:O6A6K1Xc0sAg0FuROHNMNt5FSvjMKq7npgKxCkaszl+L27vDHCdHPs2:WO0sAO0HNMr5FSYd7BCkDzgLyved02

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\AudioLevel.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:932
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\AudioLevel.dll,#1
      2⤵
        PID:3668

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads