Analysis
max time kernel: 52s
max time network: 61s
platform: windows10-1703_x64
resource: win10-20240611-en
resource tags: arch:x64, arch:x86, image:win10-20240611-en, locale:en-us, os:windows10-1703-x64, system
submitted: 05-07-2024 16:09
Static task: static1
Behavioral task: behavioral3, Sample: Settings.ini, Resource: win10-20240404-en
Behavioral task: behavioral4, Sample: d3d9xx.dll, Resource: win10-20240404-en
Behavioral task: behavioral5, Sample: libcef.dll, Resource: win10-20240611-en
Behavioral task: behavioral6, Sample: licension.dll, Resource: win10-20240404-en
Behavioral task: behavioral7, Sample: open me - 1212.txt, Resource: win10-20240404-en
General
Target: libcef.dll
Size: 19.4MB
MD5: 60be2cec0d95bb135d4452f39aac6805
SHA1: e2de1c24e924d16d66d7d128bc63213f04500d9a
SHA256: 391b7e66004d7845f5caa7d70f106dac7d0b49538954c55601ed7b5985c3d699
SHA512: d50579fe0176477da1c78aeeafb1c9fdaa8905646d9fd32edd4bd2ccdd0591b97721d9cef4a546fcc6816a0ab56f9c2c6c31ccdfc19e7ad998a6ebddb6a3921d
SSDEEP: 393216:fd4hk/HQezExvwV4mRmT3E70OQSf8j263wrUGu2SfYpfPvZTU:fd46/HQJxvJmP70OQGupwrM2S8U
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 3360 wrote to memory of 4712 | 3360 | rundll32.exe | rundll32.exe
PID 3360 wrote to memory of 4712 | 3360 | rundll32.exe | rundll32.exe
PID 3360 wrote to memory of 4712 | 3360 | rundll32.exe | rundll32.exe