Overview

overview

3

Static

static

3

5aae6c002f...e8.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/08/2024, 21:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5aae6c002f2dc1da2373a8a3f786a453526d38aaf52fec666454e3070d9915e8.dll

  • Size

    1.4MB

  • MD5

    d0eb1142b2fe26d73304c8063d5b9cae

  • SHA1

    703107c48992eb7c5cc9b052bd71da16a20ac77e

  • SHA256

    5aae6c002f2dc1da2373a8a3f786a453526d38aaf52fec666454e3070d9915e8

  • SHA512

    b3d3cffb2910fc5d585a291baaa5ad61716d69497e95333db41aca1be1df372247069f3254f7d2d766745606dae9e91898b12d1780d2a07d9cb00e5def4de0a9

  • SSDEEP

    6144:pL+mPpIKPsQZ1y5v0CEGfBQJJJeYfmQVDLT4fxLUefqWbvMpnX3t5oEihpHGa4cb:vyJBmJJeYfdqUevYt5qUcb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5aae6c002f2dc1da2373a8a3f786a453526d38aaf52fec666454e3070d9915e8.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4272
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5aae6c002f2dc1da2373a8a3f786a453526d38aaf52fec666454e3070d9915e8.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads