Overview

overview

7

Static

static

7

Device/Har...er.dll

windows7-x64

1

Device/Har...er.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    125s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-07-2024 10:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Device/HarddiskVolume11/UniRadio/UniPlayer.dll

  • Size

    517KB

  • MD5

    5b798d725f4e7c91b0d51f7aef3c0630

  • SHA1

    dd99fcd17413391347d8367a93dc359c236a4010

  • SHA256

    62439289d5481b66431c90b788b6ba5e0f4cc1dd42c60840a318459aac4cfd7d

  • SHA512

    9714f50ece33cb3febf8748ce56b13bb462886b0623870a500767c8e4dbb33a2f7c34a3f8d58fcb6470949af57510e4e90589a7cef0388640bbe88439ad0961c

  • SSDEEP

    12288:W/yre68ltnRyQbidYlDervur2cXOBC5adAkFrqJt/Xx:W/EfrQbInifXOIaO2qN

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume11\UniRadio\UniPlayer.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume11\UniRadio\UniPlayer.dll,#1
      2⤵
        PID:1348
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1280,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=3744 /prefetch:8
      1⤵
        PID:4736

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1348-0-0x0000000075520000-0x000000007563D000-memory.dmp

        Filesize

        1.1MB

        Download

      • memory/1348-1-0x0000000075520000-0x0000000075594000-memory.dmp

        Filesize

        464KB

        Download