Overview

overview

7

Static

static

7

ab48254419...18.exe

windows7-x64

7

ab48254419...18.exe

windows10-2004-x64

7

$APPDATA/A...dl.exe

windows7-x64

1

$APPDATA/A...dl.exe

windows10-2004-x64

1

$PLUGINSDI...in.dll

windows7-x64

1

$PLUGINSDI...in.dll

windows10-2004-x64

1

$PLUGINSDI...on.dll

windows7-x64

1

$PLUGINSDI...on.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

AVCBurnFree.dll

windows7-x64

3

AVCBurnFree.dll

windows10-2004-x64

3

AVCFree.exe

windows7-x64

3

AVCFree.exe

windows10-2004-x64

1

ClipEffectFree.dll

windows7-x64

1

ClipEffectFree.dll

windows10-2004-x64

1

DuiLib_u.dll

windows7-x64

3

DuiLib_u.dll

windows10-2004-x64

3

MFC100U.dll

windows7-x64

1

MFC100U.dll

windows10-2004-x64

1

MSVCP100.dll

windows7-x64

3

MSVCP100.dll

windows10-2004-x64

3

MSVCR100.dll

windows7-x64

3

MSVCR100.dll

windows10-2004-x64

3

ParseDVD.dll

windows7-x64

3

ParseDVD.dll

windows10-2004-x64

3

SDL.dll

windows7-x64

1

SDL.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-06-2024 20:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ClipEffectFree.dll

  • Size

    745KB

  • MD5

    bd64824e6e16ac928bac32422ae5c2d6

  • SHA1

    3346e46c069b119730cc7d3e7eb75ed75f810be9

  • SHA256

    27fa3efb1ce480c227a8912d8fac219654070098e9fe18b75135979d8cf94dfd

  • SHA512

    0817f0f89f8778466c607f5bf78d06921aa3abe427cebc01f03dba23dcd7d53003321097465d1f76d3a383c36601cb5bfbbae38cc68e15dfda795d86995dfd64

  • SSDEEP

    12288:exouPUmOPOnHyOgKSnJcZYOMAVqnabxLVEjOGQxX+6nZqpl/YtsOs5Z6xPn2ur:PxUSJZXlgtsFZ+d

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ClipEffectFree.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ClipEffectFree.dll,#1
      2⤵
        PID:2312
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3772,i,1305347165619645738,15927664461101562802,262144 --variations-seed-version --mojo-platform-channel-handle=4236 /prefetch:8
      1⤵
        PID:4040

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2312-0-0x0000000002A60000-0x0000000002D94000-memory.dmp

        Filesize

        3.2MB

        Download

      • memory/2312-2-0x0000000071EF1000-0x0000000072A69000-memory.dmp

        Filesize

        11.5MB

        Download

      • memory/2312-3-0x0000000071EF0000-0x000000007361B000-memory.dmp

        Filesize

        23.2MB

        Download

      • memory/2312-5-0x0000000074470000-0x00000000744D4000-memory.dmp

        Filesize

        400KB

        Download

      • memory/2312-6-0x00000000743D0000-0x0000000074469000-memory.dmp

        Filesize

        612KB

        Download

      • memory/2312-7-0x0000000074220000-0x00000000743C7000-memory.dmp

        Filesize

        1.7MB

        Download

      • memory/2312-13-0x0000000068D40000-0x0000000068D82000-memory.dmp

        Filesize

        264KB

        Download

      • memory/2312-12-0x0000000073D10000-0x0000000073D99000-memory.dmp

        Filesize

        548KB

        Download

      • memory/2312-11-0x0000000062E40000-0x0000000062E64000-memory.dmp

        Filesize

        144KB

        Download

      • memory/2312-10-0x000000006F4C0000-0x000000006F4CF000-memory.dmp

        Filesize

        60KB

        Download

      • memory/2312-9-0x0000000073FB0000-0x0000000073FD6000-memory.dmp

        Filesize

        152KB

        Download

      • memory/2312-8-0x0000000073FE0000-0x000000007421A000-memory.dmp

        Filesize

        2.2MB

        Download

      • memory/2312-4-0x0000000068100000-0x0000000068159000-memory.dmp

        Filesize

        356KB

        Download

      • memory/2312-17-0x0000000066200000-0x0000000066309000-memory.dmp

        Filesize

        1.0MB

        Download

      • memory/2312-22-0x00000000687C0000-0x0000000068914000-memory.dmp

        Filesize

        1.3MB

        Download

      • memory/2312-21-0x00000000628C0000-0x00000000628DA000-memory.dmp

        Filesize

        104KB

        Download

      • memory/2312-20-0x0000000071D60000-0x0000000071D84000-memory.dmp

        Filesize

        144KB

        Download

      • memory/2312-19-0x0000000062D40000-0x0000000062DE7000-memory.dmp

        Filesize

        668KB

        Download

      • memory/2312-18-0x0000000061800000-0x000000006186C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/2312-23-0x0000000002A60000-0x0000000002D94000-memory.dmp

        Filesize

        3.2MB

        Download

      • memory/2312-16-0x000000006EB40000-0x000000006EB63000-memory.dmp

        Filesize

        140KB

        Download

      • memory/2312-15-0x0000000064B40000-0x0000000064B57000-memory.dmp

        Filesize

        92KB

        Download