Overview

overview

6

Static

static

3

联通宽�...D.html

windows7-x64

1

联通宽�...D.html

windows10-2004-x64

1

联通宽�...ct.dll

windows7-x64

3

联通宽�...ct.dll

windows10-2004-x64

3

联通宽�...al.exe

windows7-x64

6

联通宽�...al.exe

windows10-2004-x64

6

联通宽�...2D.dll

windows7-x64

1

联通宽�...2D.dll

windows10-2004-x64

1

联通宽�...2D.dll

windows7-x64

1

联通宽�...2D.dll

windows10-2004-x64

1

联通宽�...2D.dll

windows7-x64

1

联通宽�...2D.dll

windows10-2004-x64

1

联通宽�...0D.dll

windows7-x64

3

联通宽�...0D.dll

windows10-2004-x64

3

联通宽�...TD.dll

windows7-x64

3

联通宽�...TD.dll

windows10-2004-x64

3

联通宽�...ta.exe

windows7-x64

1

联通宽�...ta.exe

windows10-2004-x64

1

联通宽�...P5.dll

windows7-x64

4

联通宽�...P5.dll

windows10-2004-x64

1

联通宽�...lp.chm

windows7-x64

1

联通宽�...lp.chm

windows10-2004-x64

1

联通宽�...��.url

windows7-x64

1

联通宽�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-07-2024 07:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    联通宽带拨号客户端/MFCN42D.dll

  • Size

    60KB

  • MD5

    980113a791c3030d564d8fa04c78a192

  • SHA1

    73b0d066d322ef0eb9a6d6900c74bc36d4d83af6

  • SHA256

    43ddf2529d4e7859f1ff868a4987e0ea4e9841b5037d63b421239095eb50924e

  • SHA512

    b88ac1b9082f0a1279de59008c9a8673b4059629da4392dcd23bf30d0fc5fb47f7f42033c2eecdec25f62458178fa50886b3b629748c7baec3ac581d42c44658

  • SSDEEP

    1536:kYov5N+D2TlEThLqI7YOdN9J3/wEZwm5LqHaa:kTLe2TlEThmI7YOdbJPwEZwm5LIaa

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\联通宽带拨号客户端\MFCN42D.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1572
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\联通宽带拨号客户端\MFCN42D.dll,#1
      2⤵
        PID:4600

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads