Overview

overview

10

Static

static

10

TotalAV.exe

windows7-x64

7

TotalAV.exe

windows10-2004-x64

7

System.Com...ns.dll

windows7-x64

1

System.Com...ns.dll

windows10-2004-x64

1

System.Com...nc.dll

windows7-x64

1

System.Com...nc.dll

windows10-2004-x64

1

System.Com...es.dll

windows7-x64

1

System.Com...es.dll

windows10-2004-x64

1

System.Com...er.dll

windows7-x64

1

System.Com...er.dll

windows10-2004-x64

1

System.Com...el.dll

windows7-x64

1

System.Com...el.dll

windows10-2004-x64

1

System.Con...er.dll

windows7-x64

1

System.Con...er.dll

windows10-2004-x64

1

System.Con...on.dll

windows7-x64

1

System.Con...on.dll

windows10-2004-x64

1

System.Console.dll

windows7-x64

1

System.Console.dll

windows10-2004-x64

1

System.Core.dll

windows7-x64

1

System.Core.dll

windows10-2004-x64

1

System.Dat...on.dll

windows7-x64

1

System.Dat...on.dll

windows10-2004-x64

1

System.Dat...ns.dll

windows7-x64

1

System.Dat...ns.dll

windows10-2004-x64

1

System.Dat...F6.dll

windows7-x64

1

System.Dat...F6.dll

windows10-2004-x64

1

System.Dat...te.dll

windows7-x64

1

System.Dat...te.dll

windows10-2004-x64

1

System.Dat...nt.dll

windows7-x64

1

System.Dat...nt.dll

windows10-2004-x64

1

System.Data.dll

windows7-x64

1

System.Data.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    1654s
  • max time network
    1552s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-07-2024 01:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    System.Console.dll

  • Size

    154KB

  • MD5

    9b18a6627b27d2aadad0d7b2dc42414d

  • SHA1

    eb96a2e1ffa11dd3167fcabe69c4768e514dde95

  • SHA256

    79815e1044ac3f10597a9014d07b2c5aa5a2b7e7da0299843e3ef1bae5a5b7f4

  • SHA512

    9cb0bcbd3b63c470101a2e91b85c918ca25fa06ea07242f33141a42d9463882c86277820ec6658bfedb55098304f5f9c0a967498619c4df20923973656c7c5b6

  • SSDEEP

    3072:AoO/mX67cJR50QAuetvH7ARZvcKZF4fJXtq3:1X67cJR505b2ZvcKeh+

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\System.Console.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4224
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\System.Console.dll,#1
      2⤵
        PID:1568

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads