Overview
overview
8Static
static
19553下载.htm
windows7-x64
19553下载.htm
windows10-2004-x64
1luyou/ADService.exe
windows7-x64
1luyou/ADService.exe
windows10-2004-x64
1luyou/LYUI.dll
windows7-x64
1luyou/LYUI.dll
windows10-2004-x64
1luyou/LYUp...te.dll
windows7-x64
1luyou/LYUp...te.dll
windows10-2004-x64
1luyou/LYUp...pg.exe
windows7-x64
1luyou/LYUp...pg.exe
windows10-2004-x64
1luyou/RmService.dll
windows7-x64
1luyou/RmService.dll
windows10-2004-x64
1luyou/dbManage.dll
windows7-x64
3luyou/dbManage.dll
windows10-2004-x64
3luyou/http_net.dll
windows7-x64
5luyou/http_net.dll
windows10-2004-x64
5luyou/libeay32.dll
windows7-x64
1luyou/libeay32.dll
windows10-2004-x64
1luyou/luyou.exe
windows7-x64
8luyou/luyou.exe
windows10-2004-x64
8luyou/lycore.dll
windows7-x64
1luyou/lycore.dll
windows10-2004-x64
1luyou/lycore.vbs
windows7-x64
1luyou/lycore.vbs
windows10-2004-x64
1luyou/lycore64.dll
windows7-x64
1luyou/lycore64.dll
windows10-2004-x64
1luyou/msvcp90.dll
windows7-x64
1luyou/msvcp90.dll
windows10-2004-x64
1luyou/msvcr90.dll
windows7-x64
1luyou/msvcr90.dll
windows10-2004-x64
1luyou/net_client.dll
windows7-x64
1luyou/net_client.dll
windows10-2004-x64
3Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
16/06/2024, 10:53
Static task
static1
Behavioral task
behavioral1
Sample
9553下载.htm
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral2
Sample
9553下载.htm
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
luyou/ADService.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral4
Sample
luyou/ADService.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
luyou/LYUI.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral6
Sample
luyou/LYUI.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
luyou/LYUpdater/CheckUpdate.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral8
Sample
luyou/LYUpdater/CheckUpdate.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
luyou/LYUpdater/LYUpg.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral10
Sample
luyou/LYUpdater/LYUpg.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
luyou/RmService.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral12
Sample
luyou/RmService.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
luyou/dbManage.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral14
Sample
luyou/dbManage.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
luyou/http_net.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral16
Sample
luyou/http_net.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
luyou/libeay32.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral18
Sample
luyou/libeay32.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
luyou/luyou.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
luyou/luyou.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
luyou/lycore.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
luyou/lycore.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
luyou/lycore.vbs
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral24
Sample
luyou/lycore.vbs
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
luyou/lycore64.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral26
Sample
luyou/lycore64.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
luyou/msvcp90.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral28
Sample
luyou/msvcp90.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
luyou/msvcr90.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
luyou/msvcr90.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
luyou/net_client.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral32
Sample
luyou/net_client.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
General
-
Target
luyou/libeay32.dll
-
Size
1003KB
-
MD5
a1fafdb2ece294fcf38c189671ffe278
-
SHA1
c36d4e0b7f935a13bfacc223b45d903fe07918eb
-
SHA256
8535ecd338b1d903e4719370fb432deea80d01c2d95a93d9d22fd7761e519ab8
-
SHA512
1afe46b1b493dcf86050158e5983ee907eb2899ac1473b44c3f813642e5be4c87b117b5955332aaa21c4104a496deda78e460876a633bf4cbef8888f7aba686b
-
SSDEEP
12288:5eOiZOSAS01zLiAf1PxLZteyl9T0rWy90g0fqTe1lCArnPFOzXGopS2f4kmbmmE3:VB1PxL+00rWaRmxnNc5p1Hmimn0h
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28 PID 2968 wrote to memory of 2980 2968 rundll32.exe 28