Analysis

  • max time kernel
    51s
  • max time network
    53s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20-06-2024 13:46

General

  • Target

    wokwinlm/WorkWinLm.exe

  • Size

    512KB

  • MD5

    baf83b929fec027c369723bb3984c5d4

  • SHA1

    8a47d98ab1c77dd2ae7760ce8768f4c74650024d

  • SHA256

    8dbf648d10e62bbc801217201d0abbc232aad07005d93c5e82638b7f7dce8999

  • SHA512

    daa430bf7b9349cfa90327de2d604c294beadc7994af1b9f3512f7851889702cd20cde16f1c8a3d377dc7d6f60ab54c5073d597dc169d830ad90ab28b351a5ca

  • SSDEEP

    12288:h8IE2bGQtCIKLDoUqU+NNiDoxM9mISbENsfLdNFqEI/JKFS:qJZIkscqQeBtIxKF

Score
7/10

Malware Config

Signatures

  • Checks BIOS information in registry (2 TTPs, 2 IoCs)

    BIOS information is often read in order to detect sandboxing environments.

  • Modifies registry class (5 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\wokwinlm\WorkWinLm.exe
    "C:\Users\Admin\AppData\Local\Temp\wokwinlm\WorkWinLm.exe"
    • Checks BIOS information in registry
    • Modifies registry class
    PID:2460

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2460-0-0x0000000000400000-0x00000000004E9000-memory.dmp

    Filesize

    932KB

  • memory/2460-2-0x0000000000610000-0x0000000000657000-memory.dmp

    Filesize

    284KB

  • memory/2460-7-0x0000000000610000-0x0000000000657000-memory.dmp

    Filesize

    284KB

  • memory/2460-8-0x0000000000400000-0x00000000004E9000-memory.dmp

    Filesize

    932KB

  • memory/2460-9-0x0000000000610000-0x0000000000657000-memory.dmp

    Filesize

    284KB