8ce919907ac2af679dc55962b89c83b9f76a51d0163ebf9a563fcaabfb3fa120

Analysis

max time kernel
135s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
18-08-2024 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PYG64.dll
Size

1.3MB
MD5

7c113281e232ee4e81217048737520ba
SHA1

f63d701fd81bbc9a03a8b43855aa6b5e694ab869
SHA256

65da2ac4ef85238bf977e948b1f14a85f8d2dd35d00e93c6f2cf5e8f4cf1d5f3
SHA512

d193d81f876ab662a6bcb24d442148e6826449a029e09271336c9a7730de5c22f195f431ebd13eb173574c4c0eefafdf6893a5bf245cdc07f127b16c77a254c2
SSDEEP

24576:PyXrbprozekA3dJG7xjOeGtqYVYkXTY6TTdTatPo0QT0PiQjV6:PGVoyJ3C7xjTGtqYVYkXPlTaW9T036

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
3080	rundll32.exe
3080	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\PYG64.dll,#1
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:3080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3080-0-0x00007FFA2EE10000-0x00007FFA2F259000-memory.dmp

Filesize
4.3MB

Download
memory/3080-3-0x00007FFA2EE10000-0x00007FFA2F259000-memory.dmp

Filesize
4.3MB

Download
memory/3080-4-0x00007FFA0A860000-0x00007FFA0A870000-memory.dmp

Filesize
64KB

Download
memory/3080-6-0x00007FFA4A8D5000-0x00007FFA4A8D6000-memory.dmp

Filesize
4KB

Download
memory/3080-7-0x00007FFA19330000-0x00007FFA1950B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-9-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-8-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-5-0x00007FFA0A860000-0x00007FFA0A870000-memory.dmp

Filesize
64KB

Download
memory/3080-13-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-12-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-11-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-10-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-18-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-20-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-23-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-22-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-21-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-19-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-17-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-16-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-15-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-14-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-35-0x00007FFA16620000-0x00007FFA16869000-memory.dmp

Filesize
2.3MB

Download
memory/3080-24-0x00007FFA19330000-0x00007FFA1950B000-memory.dmp

Filesize
1.9MB

Download
memory/3080-36-0x00007FFA16620000-0x00007FFA16869000-memory.dmp

Filesize
2.3MB

Download
memory/3080-44-0x00007FFA4A830000-0x00007FFA4AA0B000-memory.dmp

Filesize
1.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads