Overview

overview

3

Static

static

3

204c813c7f...0f.dll

windows7-x64

3

204c813c7f...0f.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240730-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-08-2024 20:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    204c813c7f11a7d21a3a20bf9e49d6b9ceb0143325b7a184facb02eae9555f0f.dll

  • Size

    5KB

  • MD5

    8e2ce14c8e8ef8a96dc49104c9e02ced

  • SHA1

    eec9c14d3edaa1bc19e3139ebe57f9832172281d

  • SHA256

    204c813c7f11a7d21a3a20bf9e49d6b9ceb0143325b7a184facb02eae9555f0f

  • SHA512

    172a31a323d5de536465d59f6654041e1443650111789764af84c78dd7d22ff05832fe7733f59f3564ed53c9cf3cdd808e526712ea695e61f8b533fb3ae771ce

  • SSDEEP

    96:hy859x0P8MaO+IIz1CQBwLuu/1iS+c8+:F5oLROCQBwKuUS+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\204c813c7f11a7d21a3a20bf9e49d6b9ceb0143325b7a184facb02eae9555f0f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1140
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\204c813c7f11a7d21a3a20bf9e49d6b9ceb0143325b7a184facb02eae9555f0f.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads