Overview

overview

3

Static

static

3

Data/Data.pkg

macos-10.15-amd64

Modmanager.exe

windows7-x64

1

Modmanager.exe

windows10-2004-x64

1

Updater.exe

windows7-x64

1

Updater.exe

windows10-2004-x64

1

fmodex64.dll

windows7-x64

1

fmodex64.dll

windows10-2004-x64

1

unrar.dll

windows7-x64

1

unrar.dll

windows10-2004-x64

1

Resubmissions

06/07/2024, 03:29

240706-d2dzbsxcje 3

05/07/2024, 18:04

240705-wn31easepl 3

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2024, 18:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    unrar.dll

  • Size

    371KB

  • MD5

    09a5c3876b5171509888f27161338c5b

  • SHA1

    8be65b35a2107aa156d95bb8807ef94f03fafb75

  • SHA256

    29825c48a34e6fc02c27be59ca9b2452b53421f01a24f57bb2a3467bebdd7350

  • SHA512

    08b743cece825f08e49c284a8430ba3695b273441f3b4dadffa2118d87abdafc9e5bd231e779c4ae45ceda40758fd36ac31eaff1e5f4f8443e259635bec8bce7

  • SSDEEP

    6144:Gk1MQzqLxlHaJSF3/WKegZb6WJbTmaVrZYH034AKXTXN34iNHjZC0Yh2M2sbrX:GchzmHaApWKfZxJbTmsm034AKJIMH8X

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\unrar.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1448
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1448 -s 120
      2⤵
        PID:1572

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads