Overview

overview

7

Static

static

7

2184325fa8...18.exe

windows7-x64

7

2184325fa8...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Dload.exe

windows7-x64

6

Dload.exe

windows10-2004-x64

6

DuiDui.exe

windows7-x64

1

DuiDui.exe

windows10-2004-x64

1

mfc42.dll

windows7-x64

1

mfc42.dll

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/07/2024, 07:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mfc42.dll

  • Size

    1004KB

  • MD5

    61e6d0307797c07cbc04cab21cdbe30f

  • SHA1

    1fcfeca9b6c65a4d3b6ed720cdf53323b5be1c2a

  • SHA256

    721232b09c0431b57b2c5d5147114c6a139ea8d2ce98f5644013132de7c66bcf

  • SHA512

    df80e711a33989fac34ceb359f2481b9710ccdf6439f0d21aa03d80e88cdb1640ed7977c3a966e1356067d8dfd439ec286e8bcc0b3e7cee4ed386ccab8f5d6d5

  • SSDEEP

    12288:oa5jb5KbrEJJNdbctjMyqktj5R2mE6X7hBw421g02xAOAYKcneCL0QEQ7i/q70U+:z5eEJZctjMHz673c4bT0Q1JQU+

Score
1/10

Malware Config

Signatures

  • Modifies registry class 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\mfc42.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4572
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\mfc42.dll
      2⤵
      • Modifies registry class
      PID:3376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads