Overview

overview

7

Static

static

7

36f1e07ff3...18.exe

windows7-x64

7

36f1e07ff3...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

MediaInfo.dll

windows7-x64

7

MediaInfo.dll

windows10-2004-x64

7

Uninst.exe

windows7-x64

7

Uninst.exe

windows10-2004-x64

7

dp_fastvid...rt.exe

windows7-x64

7

dp_fastvid...rt.exe

windows10-2004-x64

7

mencoder.exe

windows7-x64

7

mencoder.exe

windows10-2004-x64

7

pthreadGC2.dll

windows7-x64

1

pthreadGC2.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-07-2024 00:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pthreadGC2.dll

  • Size

    35KB

  • MD5

    2aaafd23e9a77dd8fc3d73a45cfeac01

  • SHA1

    f41ebb61094231af29dc378c1a2c8620102eb58c

  • SHA256

    cd4104379b2aac36b2465623540e30052b2b44f90229709e7d0c65c98394fc05

  • SHA512

    ccd398eaf34c3b2b402e7cbd447fcb0819077ed7ed6c2e874fa72ffead14facef830b864014e3d5b399a8b52561dd0000251177fdb6e027451043a265ab731f3

  • SSDEEP

    384:6XKAwDe/yMw0U0GuOI+KDYZ1EWsLKkSqPmMmg2oes9yzCuFYh3oDqLjBISO0IqMU:6XKAm0UsO76WsxDmELsCDIMiH3YN

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\pthreadGC2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\pthreadGC2.dll,#1
      2⤵
        PID:2300

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads