Overview

overview

5

Static

static

3

334f97272e...18.exe

windows7-x64

3

334f97272e...18.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/CoreAAC.dll

windows7-x64

1

$SYSDIR/CoreAAC.dll

windows10-2004-x64

1

$SYSDIR/Mp...er.dll

windows7-x64

1

$SYSDIR/Mp...er.dll

windows10-2004-x64

1

$SYSDIR/aa...er.dll

windows7-x64

1

$SYSDIR/aa...er.dll

windows10-2004-x64

1

$SYSDIR/rmsp.dll

windows7-x64

1

$SYSDIR/rmsp.dll

windows10-2004-x64

1

$TEMP/getm...ss.dll

windows7-x64

3

$TEMP/getm...ss.dll

windows10-2004-x64

3

CrashReport.exe

windows7-x64

1

CrashReport.exe

windows10-2004-x64

1

Funshion.exe

windows7-x64

4

Funshion.exe

windows10-2004-x64

5

GetMACAddress.dll

windows7-x64

1

GetMACAddress.dll

windows10-2004-x64

3

LangResEnAmerican.dll

windows7-x64

1

LangResEnAmerican.dll

windows10-2004-x64

1

RouterSetting.dll

windows7-x64

1

RouterSetting.dll

windows10-2004-x64

3

WMVCORE.dll

windows7-x64

4

WMVCORE.dll

windows10-2004-x64

4

XPSP2Patch...ll.exe

windows7-x64

3

XPSP2Patch...ll.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    95s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/07/2024, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XPSP2Patch/FunshionInstall.exe

  • Size

    176KB

  • MD5

    e8a859bf695746b8508392a863d68155

  • SHA1

    b5216d2c1a120831f74f7107b9dc1031e7e44c00

  • SHA256

    6fdb9a829f3f1fa06b1673cc1bb1a34570c942a341d0b434149669af55359bb4

  • SHA512

    25144983aa27f200d7d3906ebb0cf138d5642c93f6b070332ddb7864ecacb0369531855e93c66b355aee2ca86ee70f8461a34401fcaf01ccd459598d5913ccb1

  • SSDEEP

    3072:JQiscbDR3ZIslEPr2IFq2bb38NY75Eojcwt00CXkxtF3ax0Vsz:J57pKDb4wjcdDSg

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\XPSP2Patch\FunshionInstall.exe
    "C:\Users\Admin\AppData\Local\Temp\XPSP2Patch\FunshionInstall.exe"
    1⤵
      PID:3784
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3784 -s 756
        2⤵
        • Program crash
        PID:4364
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3784 -ip 3784
      1⤵
        PID:2204

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3784-0-0x0000000000680000-0x0000000000681000-memory.dmp

        Filesize

        4KB

        Download