Overview

overview

9

Static

static

7

3.exe

windows10-2004-x64

9

Qt5Core.dll

windows10-2004-x64

3

Qt5Gui.dll

windows10-2004-x64

3

Qt5Widgets.dll

windows10-2004-x64

3

icudt51.dll

windows10-2004-x64

1

icuin51.dll

windows10-2004-x64

3

icuuc51.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

msvcp100.dll

windows10-2004-x64

3

msvcr100.dll

windows10-2004-x64

3

platforms/...ws.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    129s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-06-2024 01:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    icuin51.dll

  • Size

    1.7MB

  • MD5

    a7f201c0b9ac05e950ecc55d4403ec16

  • SHA1

    20b5b9aefd27b11bd129af6bf362d11dffafa5e5

  • SHA256

    173092c4e256958b100683a6ab2ce0d1c9895ec63f222198f9de485e61c728ca

  • SHA512

    0d3b3a3f2d5c39b7309943591e51587c1db4bfc70ea5b0fd4a9016aacf0ca9dfa69040e6d74e1b9424fd8e41b3b3e22ab5d7c5352af6c216e491edec78c612d7

  • SSDEEP

    24576:7GWPHUAzlcNk0BjXxOKWf8e4VY/+AnattjtpKFJ/t:FPHUGOkIxOKW5OXlKHV

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\icuin51.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:716
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\icuin51.dll,#1
      2⤵
        PID:2260
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2260 -s 616
          3⤵
          • Program crash
          PID:2528
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2260 -ip 2260
      1⤵
        PID:392
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4228,i,3833046924978547022,12404847742964713612,262144 --variations-seed-version --mojo-platform-channel-handle=3780 /prefetch:8
        1⤵
          PID:400

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads