Overview

overview

3

Static

static

3

Protein_x64.3.17.dll

windows7-x64

1

Protein_x64.3.17.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    68s
  • max time network
    71s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/08/2024, 15:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Protein_x64.3.17.dll

  • Size

    3KB

  • MD5

    ba356b1dbabea58cdb1d1c79be6df840

  • SHA1

    0b5c40327c0aa4ff24f28f2df2363c800dfff9d3

  • SHA256

    9585e5817b3b41c4e6e99ded149322203aa9bb28f9dc4c1d2fe8b2c2861c1aa9

  • SHA512

    71e6fee34dbe332a05c3785283673d54e5237ee63fa3da4fc58d11b6fd89fbf849cae129ea1905b2a72d54498f79a9d217664391e532e8228bfce053017004c9

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 16 IoCs
  • Suspicious use of SendNotifyMessage 15 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Protein_x64.3.17.dll,#1
    1⤵
      PID:884
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\ConvertFromExit.mpa"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:3948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/884-0-0x0000000180000000-0x0000000180007000-memory.dmp

      Filesize

      28KB

      Download

    • memory/3948-12-0x00007FF8EF0F0000-0x00007FF8EF124000-memory.dmp

      Filesize

      208KB

      Download

    • memory/3948-11-0x00007FF790380000-0x00007FF790478000-memory.dmp

      Filesize

      992KB

      Download

    • memory/3948-17-0x00007FF8EF1C0000-0x00007FF8EF1D7000-memory.dmp

      Filesize

      92KB

      Download

    • memory/3948-13-0x00007FF8DBE30000-0x00007FF8DC0E6000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/3948-20-0x00007FF8EB8B0000-0x00007FF8EB8C1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-19-0x00007FF8EBB00000-0x00007FF8EBB1D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/3948-18-0x00007FF8EBB20000-0x00007FF8EBB31000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-21-0x00007FF8DB4C0000-0x00007FF8DB6CB000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3948-16-0x00007FF8EF2E0000-0x00007FF8EF2F1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-15-0x00007FF8EFFE0000-0x00007FF8EFFF7000-memory.dmp

      Filesize

      92KB

      Download

    • memory/3948-14-0x00007FF8F17E0000-0x00007FF8F17F8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/3948-23-0x00007FF8EB6D0000-0x00007FF8EB711000-memory.dmp

      Filesize

      260KB

      Download

    • memory/3948-28-0x00007FF8EB560000-0x00007FF8EB571000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-27-0x00007FF8EB580000-0x00007FF8EB591000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-29-0x00007FF8DA110000-0x00007FF8DA2CA000-memory.dmp

      Filesize

      1.7MB

      Download

    • memory/3948-26-0x00007FF8EB5A0000-0x00007FF8EB5B1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/3948-25-0x00007FF8EB890000-0x00007FF8EB8A8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/3948-24-0x00007FF8EB5C0000-0x00007FF8EB5E1000-memory.dmp

      Filesize

      132KB

      Download

    • memory/3948-22-0x00007FF8DA410000-0x00007FF8DB4C0000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/3948-37-0x00007FF790380000-0x00007FF790478000-memory.dmp

      Filesize

      992KB

      Download

    • memory/3948-38-0x00007FF8EF0F0000-0x00007FF8EF124000-memory.dmp

      Filesize

      208KB

      Download

    • memory/3948-39-0x00007FF8DBE30000-0x00007FF8DC0E6000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/3948-40-0x00007FF8DA410000-0x00007FF8DB4C0000-memory.dmp

      Filesize

      16.7MB

      Download