Overview

overview

7

Static

static

3

0262065334...18.exe

windows7-x64

7

0262065334...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

1

$R2/NSIS.L...2_.exe

windows7-x64

1

$R2/NSIS.L...2_.exe

windows10-2004-x64

1

$SYSDIR/DWSHK80.dll

windows7-x64

1

$SYSDIR/DWSHK80.dll

windows10-2004-x64

1

$SYSDIR/MSVBVM60.dll

windows7-x64

1

$SYSDIR/MSVBVM60.dll

windows10-2004-x64

1

$SYSDIR/VB6KO.dll

windows7-x64

1

$SYSDIR/VB6KO.dll

windows10-2004-x64

1

$SYSDIR/dwsbc80.dll

windows7-x64

1

$SYSDIR/dwsbc80.dll

windows10-2004-x64

1

$SYSDIR/dw...80.dll

windows7-x64

1

$SYSDIR/dw...80.dll

windows10-2004-x64

1

UrlUpdate.exe

windows7-x64

7

UrlUpdate.exe

windows10-2004-x64

7

efbbar.dll

windows7-x64

1

efbbar.dll

windows10-2004-x64

1

efsbar.dll

windows7-x64

1

efsbar.dll

windows10-2004-x64

1

iewindow.exe

windows7-x64

1

iewindow.exe

windows10-2004-x64

1

nnlogon.exe

windows7-x64

1

nnlogon.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/06/2024, 03:22 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $SYSDIR/MSVBVM60.dll

  • Size

    1.3MB

  • MD5

    88ef14f379e050e8df3ba9a9462945e9

  • SHA1

    b965d2bd4e3528d7b76ad465ae2c75a83507cf4e

  • SHA256

    0202ddcf449dc8a0b4c56e786222da56c23c97bdc721d751fb169881df2626fe

  • SHA512

    5efe90bd5ad79b833f94ce51a4b6fafbe26e09497ecbefff03bff7a8d9d2d4c4dbd30c74ac445e53cbce183fd992176226a3408cbbb677c6e69ba10d1b6f683c

  • SSDEEP

    24576:CnsZfH8WK6FuXqt5K8whx12tnqIVB62ezzV8d/v3HTYTcfzBRKdfg6:Cim7x12tnq+62ezzVK3HTYoai6

Score
1/10

Malware Config

Signatures

  • Modifies registry class 64 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\$SYSDIR\MSVBVM60.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1452
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\$SYSDIR\MSVBVM60.dll
      2⤵
      • Modifies registry class
      PID:2284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.