Overview (overview): 7
Static (static): 3
lib/freetype.dll (windows7-x64): 1
lib/freetype.dll (windows10-2004-x64): 1
lib/harfbuzz.dll (windows7-x64): 1
lib/harfbuzz.dll (windows10-2004-x64): 1
lib/libglib-2.0-0.dll (windows7-x64): 1
lib/libglib-2.0-0.dll (windows10-2004-x64): 1
lib/libintl-8.dll (windows7-x64): 1
lib/libintl-8.dll (windows10-2004-x64): 1
lib/libpcre2-8.dll (windows7-x64): 1
lib/libpcre2-8.dll (windows10-2004-x64): 1
lib/libsharpyuv.dll (windows7-x64): 1
lib/libsharpyuv.dll (windows10-2004-x64): 1
lib/libwebp.dll (windows7-x64): 1
lib/libwebp.dll (windows10-2004-x64): 1
lib/libweb...er.dll (windows7-x64): 1
lib/libweb...er.dll (windows10-2004-x64): 1
lib/libwebpdemux.dll (windows7-x64): 1
lib/libwebpdemux.dll (windows10-2004-x64): 1
lib/onnxruntime.dll (windows7-x64): 1
lib/onnxruntime.dll (windows10-2004-x64): 1
lib/onnxru...ed.dll (windows7-x64): 1
lib/onnxru...ed.dll (windows10-2004-x64): 1
lib/ovrlipsync.dll (windows7-x64): 1
lib/ovrlipsync.dll (windows10-2004-x64): 1
lib/spout.dll (windows7-x64): 1
lib/spout.dll (windows10-2004-x64): 1
lib/wren.dll (windows7-x64): 1
lib/wren.dll (windows10-2004-x64): 1
veadotube_mini.exe (windows7-x64): 1
veadotube_mini.exe (windows10-2004-x64): 7
Analysis
- max time kernel: 117s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 16/07/2024, 03:31
Static task: static1
Behavioral task | Sample | Resource
behavioral1 | lib/freetype.dll | win7-20240708-en
behavioral2 | lib/freetype.dll | win10v2004-20240709-en
behavioral3 | lib/harfbuzz.dll | win7-20240704-en
behavioral4 | lib/harfbuzz.dll | win10v2004-20240709-en
behavioral5 | lib/libglib-2.0-0.dll | win7-20240705-en
behavioral6 | lib/libglib-2.0-0.dll | win10v2004-20240709-en
behavioral7 | lib/libintl-8.dll | win7-20240705-en
behavioral8 | lib/libintl-8.dll | win10v2004-20240709-en
behavioral9 | lib/libpcre2-8.dll | win7-20240704-en
behavioral10 | lib/libpcre2-8.dll | win10v2004-20240709-en
behavioral11 | lib/libsharpyuv.dll | win7-20240705-en
behavioral12 | lib/libsharpyuv.dll | win10v2004-20240709-en
behavioral13 | lib/libwebp.dll | win7-20240708-en
behavioral14 | lib/libwebp.dll | win10v2004-20240709-en
behavioral15 | lib/libwebpdecoder.dll | win7-20240705-en
behavioral16 | lib/libwebpdecoder.dll | win10v2004-20240709-en
behavioral17 | lib/libwebpdemux.dll | win7-20240704-en
behavioral18 | lib/libwebpdemux.dll | win10v2004-20240709-en
behavioral19 | lib/onnxruntime.dll | win7-20240704-en
behavioral20 | lib/onnxruntime.dll | win10v2004-20240709-en
behavioral21 | lib/onnxruntime_providers_shared.dll | win7-20240705-en
behavioral22 | lib/onnxruntime_providers_shared.dll | win10v2004-20240709-en
behavioral23 | lib/ovrlipsync.dll | win7-20240708-en
behavioral24 | lib/ovrlipsync.dll | win10v2004-20240709-en
behavioral25 | lib/spout.dll | win7-20240705-en
behavioral26 | lib/spout.dll | win10v2004-20240709-en
behavioral27 | lib/wren.dll | win7-20240704-en
behavioral28 | lib/wren.dll | win10v2004-20240709-en
behavioral29 | veadotube_mini.exe | win7-20240704-en
behavioral30 | veadotube_mini.exe | win10v2004-20240709-en
General
- Target: lib/freetype.dll
- Size: 672KB
- MD5: 6ae30af213a471e450c566e8377eacd2
- SHA1: cbae27cbd3323b93e57bc8b6844ef8d2cbb67080
- SHA256: cabb749f16cf301ae2d33876fe14c7df219c574e4d3628c5ce0dcf2bc83a965d
- SHA512: 810fe3e6ba85cbb8a47f6150b432129ce94ab149ef8ecd538d4804de719e879d49fd3f7dffc8a83c0e74be661059fc95e55690531e4fbaca5b657fc64401c79e
- SSDEEP: 12288:CX65+PTFaMhDlrgwvLPjEszpxL/NIKwd68eOP8qCa6DjbwLKQdfEWmj:CX6MRaMhprg0PwszpxD2Rk8eOP8qCBjr
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2148 wrote to memory of 2224 | 2148 | rundll32.exe | 30
PID 2148 wrote to memory of 2224 | 2148 | rundll32.exe | 30
PID 2148 wrote to memory of 2224 | 2148 | rundll32.exe | 30