Overview

overview

7

Static

static

3

37e5c7d721...18.exe

windows7-x64

7

37e5c7d721...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/eula.html

windows7-x64

1

$PLUGINSDIR/eula.html

windows10-2004-x64

1

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PROGRAMFI...gs.exe

windows7-x64

1

$PROGRAMFI...gs.exe

windows10-2004-x64

1

$PROGRAMFI...ar.dll

windows7-x64

1

$PROGRAMFI...ar.dll

windows10-2004-x64

1

$PROGRAMFI...er.dll

windows7-x64

1

$PROGRAMFI...er.dll

windows10-2004-x64

1

$PROGRAMFI...ts.exe

windows7-x64

1

$PROGRAMFI...ts.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11-07-2024 05:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PROGRAMFILES/alotappbar/bin/alothelper.dll

  • Size

    47KB

  • MD5

    5ed32a1675e1739da11affc0463b9dc6

  • SHA1

    edc23cd5cf91f7840d681832fc47a750f8b95981

  • SHA256

    909c18d5bd184cc7cbae0e26cb9c0b792119b594a033e10019a5f2f0ddf35b7c

  • SHA512

    b176bf63d701d1385bcdd6165b9d29cc18e105cd45d9ea4be3217904c9e532448a71325bce76dc817cbede2b6f5dda5d78ecf24def439794374947080b23f302

  • SSDEEP

    768:75YQhUbgis5yiRGo+As+8somNbIwqpHB0UgInNiu7zlmPSrg5ZXLXbChU:7x+bvs5HL+AS2zqj0CBlySrgfX3ChU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\alotappbar\bin\alothelper.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\alotappbar\bin\alothelper.dll
      2⤵
        PID:2684

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2684-1-0x0000000000A40000-0x0000000000B31000-memory.dmp

      Filesize

      964KB

      Download