Analysis
max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240708-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240708-en, locale:en-us, os:windows10-2004-x64, system
submitted
09-07-2024 11:55
Behavioral task
behavioral1
Sample
CV_zheregelya.pdf
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
CV_zheregelya.pdf
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
CV_zheregelya.pdf.lnk
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
CV_zheregelya.pdf.lnk
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
cv.exe
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
cv.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral7
Sample
version.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
version.dll
Resource
win10v2004-20240708-en
General
Target
version.dll
Size
1000KB
MD5
f752dbed5db9df8cd60432645c9f3df8
SHA1
accf775537968ade9ff305fc684230bfd68cfc1f
SHA256
95d79e01809bc912217a12dc204d3e033b5ef60b56c96b9b3e25cd7aab5d2064
SHA512
2e38c0b321e60fc907cd81fb547db62f7e2929b4ba22e93836a43006daa3b671be4410981359e4b84265512b5a0ece359da72525bb961d2a2c7ed6210b023587
SSDEEP
24576:BmE/tBwMsfAKazhRNz6O5y4/LH+MC0Wt/BUB:BmQ/n5R0d4zeNK
Malware Config
Signatures
Suspicious use of WriteProcessMemory: 2 IoCs
Processes:
rundll32.exe
description                          pid   process       target process
PID 1268 wrote to memory of 2596     1268  rundll32.exe  getmac.exe
PID 1268 wrote to memory of 2596     1268  rundll32.exe  getmac.exe