Analysis
max time kernel
15s
max time network
16s
platform
windows7_x64
resource
win7-20240705-en
resource tags
arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
submitted
09-07-2024 11:55
Behavioral task
behavioral1
Sample
CV_zheregelya.pdf
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
CV_zheregelya.pdf
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
CV_zheregelya.pdf.lnk
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
CV_zheregelya.pdf.lnk
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
cv.exe
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
cv.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral7
Sample
version.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
version.dll
Resource
win10v2004-20240708-en
General
Target
version.dll
Size
1000KB
MD5
f752dbed5db9df8cd60432645c9f3df8
SHA1
accf775537968ade9ff305fc684230bfd68cfc1f
SHA256
95d79e01809bc912217a12dc204d3e033b5ef60b56c96b9b3e25cd7aab5d2064
SHA512
2e38c0b321e60fc907cd81fb547db62f7e2929b4ba22e93836a43006daa3b671be4410981359e4b84265512b5a0ece359da72525bb961d2a2c7ed6210b023587
SSDEEP
24576:BmE/tBwMsfAKazhRNz6O5y4/LH+MC0Wt/BUB:BmQ/n5R0d4zeNK
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2256 wrote to memory of 2324 | 2256 | rundll32.exe | getmac.exe
PID 2256 wrote to memory of 2324 | 2256 | rundll32.exe | getmac.exe
PID 2256 wrote to memory of 2324 | 2256 | rundll32.exe | getmac.exe