Overview
overview
10Static
static
3Rainmeter-4.5.18.exe
windows7-x64
4Rainmeter-4.5.18.exe
windows10-2004-x64
4$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
Plugins/Ac...er.dll
windows7-x64
1Plugins/Ac...er.dll
windows10-2004-x64
1Plugins/Ad...PU.dll
windows7-x64
1Plugins/Ad...PU.dll
windows10-2004-x64
1Plugins/Au...el.dll
windows7-x64
1Plugins/Au...el.dll
windows10-2004-x64
1Plugins/CoreTemp.dll
windows7-x64
1Plugins/CoreTemp.dll
windows10-2004-x64
1Plugins/FileView.dll
windows7-x64
1Plugins/FileView.dll
windows10-2004-x64
1Plugins/Fo...fo.dll
windows7-x64
1Plugins/Fo...fo.dll
windows10-2004-x64
1Plugins/InputText.dll
windows7-x64
3Plugins/InputText.dll
windows10-2004-x64
3Plugins/PerfMon.dll
windows7-x64
1Plugins/PerfMon.dll
windows10-2004-x64
1Plugins/Pi...in.dll
windows7-x64
1Plugins/Pi...in.dll
windows10-2004-x64
1Analysis
-
max time kernel
119s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
11/06/2024, 10:49
Static task
static1
Behavioral task
behavioral1
Sample
Rainmeter-4.5.18.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral2
Sample
Rainmeter-4.5.18.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/MoreInfo.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/MoreInfo.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Plugins/ActionTimer.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral16
Sample
Plugins/ActionTimer.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Plugins/AdvancedCPU.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
Plugins/AdvancedCPU.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Plugins/AudioLevel.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
Plugins/AudioLevel.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Plugins/CoreTemp.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
Plugins/CoreTemp.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Plugins/FileView.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral24
Sample
Plugins/FileView.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Plugins/FolderInfo.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral26
Sample
Plugins/FolderInfo.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Plugins/InputText.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral28
Sample
Plugins/InputText.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Plugins/PerfMon.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral30
Sample
Plugins/PerfMon.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Plugins/PingPlugin.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral32
Sample
Plugins/PingPlugin.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
General
-
Target
Plugins/PerfMon.dll
-
Size
88KB
-
MD5
77c1bb511ba882dd1f6b68a8fa6a3e16
-
SHA1
308c7edd447932f3e62e444cb1b7a16351d826fb
-
SHA256
8f3f7bf9f290190ded0ccacf21e5027eea14e31ef2eba59a7bc0cfccd8701325
-
SHA512
2a1350b8103c770142b078d915e3e979bf3fe52a93d42ada3fd47ee014a1eb9b1075ab068c44f6449312b3b02300714beb3fb8396917e3817c8ae5d29fb57919
-
SSDEEP
1536:770aS0fsW1AYcdO/L3a+XRIArIPb2YvJAeMfrw1X+pB17S/sk2O+xWU0G:770aHWOxRIAgSYxAeKHpBNSOxWU0G
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28 PID 572 wrote to memory of 2112 572 rundll32.exe 28