Overview

overview

10

Static

static

10

0297bbb0f0...ee.exe

windows10-1703-x64

3

15aeb8380c...71.exe

windows10-1703-x64

10

1820a0542f...34.dll

windows10-1703-x64

10

1df11bc19a...ad.exe

windows10-1703-x64

7

22934e006b...e7.exe

windows10-1703-x64

3

24989d884f...b7.exe

windows10-1703-x64

10

2828fabf39...65.dll

windows10-1703-x64

1

32b0fbaf95...08.exe

windows10-1703-x64

10

4bf2dace8a...d7.exe

windows10-1703-x64

10

55d03f9954...44.dll

windows10-1703-x64

10

5e58e3818a...cb.exe

windows10-1703-x64

10

611cf2be67...47.exe

windows10-1703-x64

10

654e574fb4...01.exe

windows10-1703-x64

3

6f4ac0da34...a5.exe

windows10-1703-x64

9

$PLUGINSDI...em.dll

windows10-1703-x64

3

$PLUGINSDIR/UAC.dll

windows10-1703-x64

3

$PLUGINSDI...fo.dll

windows10-1703-x64

3

$PLUGINSDI...gs.dll

windows10-1703-x64

3

$PROGRAMFI...it.dll

windows10-1703-x64

3

$PROGRAMFI...ge.dll

windows10-1703-x64

3

$PROGRAMFI...er.dll

windows10-1703-x64

3

7109e67cf6...58.exe

windows10-1703-x64

10

71e2483b2d...4e.dll

windows10-1703-x64

10

79fb1d00ef...00.exe

windows10-1703-x64

1

7ef9667e73...98.exe

windows10-1703-x64

1

8264e723a4...9d.exe

windows10-1703-x64

3

8427f4aaf2...96.exe

windows10-1703-x64

6

863c612734...af.exe

windows10-1703-x64

3

91eab57eaf...d8.exe

windows10-1703-x64

10

942263c895...38.exe

windows10-1703-x64

10

95193266e3...fc.exe

windows10-1703-x64

1

99db2e7287...4e.exe

windows10-1703-x64

10

Resubmissions

04-10-2024 16:44

241004-t8yv3syhpd 10

27-09-2024 16:54

240927-vepkzsvbre 10

27-09-2024 16:44

240927-t86wpavard 10

04-08-2024 18:04

240804-wnq1vawbpg 10

03-08-2024 17:26

240803-vzvbzazekn 10

03-08-2024 16:14

240803-tpp4tsshqa 10

03-08-2024 15:52

240803-tbarzsseqc 10

31-07-2024 19:40

240731-ydk3yszdpq 10

31-07-2024 10:53

240731-my145atfmf 10

Analysis

  • max time kernel
    314s
  • max time network
    623s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    31-07-2024 19:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/System.dll

  • Size

    11KB

  • MD5

    bf712f32249029466fa86756f5546950

  • SHA1

    75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

  • SHA256

    7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

  • SHA512

    13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

  • SSDEEP

    192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3340
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4400
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4400 -s 628
        3⤵
        • Program crash
        PID:4704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads