Overview
overview
10Static
static
3Generated ...ls.exe
windows7-x64
10Generated ...ls.exe
windows10-2004-x64
3Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...-0.dll
windows10-2004-x64
1Generated ...re.dll
windows7-x64
1Generated ...re.dll
windows10-2004-x64
1Generated ...mi.dll
windows7-x64
1Generated ...mi.dll
windows10-2004-x64
1Generated ...40.dll
windows7-x64
1Generated ...40.dll
windows10-2004-x64
1Generated ...40.dll
windows7-x64
1Generated ...40.dll
windows10-2004-x64
1Generated ...re.dll
windows7-x64
1Generated ...re.dll
windows10-2004-x64
3Generated ...st.dll
windows7-x64
1Generated ...st.dll
windows10-2004-x64
1Generated ...40.dll
windows7-x64
1Generated ...40.dll
windows10-2004-x64
1Generated ...40.dll
windows7-x64
1Generated ...40.dll
windows10-2004-x64
1Generated ...40.dll
windows7-x64
1Generated ...40.dll
windows10-2004-x64
1Generated ..._1.dll
windows7-x64
1Generated ..._1.dll
windows10-2004-x64
1Generated ..._2.dll
windows7-x64
1Generated ..._2.dll
windows10-2004-x64
1Generated ...it.dll
windows7-x64
1Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system -
submitted
02-09-2024 05:36
Static task
static1
Behavioral task
behavioral1
Sample
Generated Invoice and Log sheet details/A Generated Invoice and Log sheet details.exe
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral2
Sample
Generated Invoice and Log sheet details/A Generated Invoice and Log sheet details.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-filesystem-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral4
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-heap-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-locale-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-math-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-multibyte-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-time-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Generated Invoice and Log sheet details/api-ms-win-crt-utility-l1-1-0.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral10
Sample
Generated Invoice and Log sheet details/d3dx9_43_core.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral11
Sample
Generated Invoice and Log sheet details/d3dx9_43_core.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral12
Sample
Generated Invoice and Log sheet details/dpcmi.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral13
Sample
Generated Invoice and Log sheet details/dpcmi.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral14
Sample
Generated Invoice and Log sheet details/msobj140.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral15
Sample
Generated Invoice and Log sheet details/msobj140.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral16
Sample
Generated Invoice and Log sheet details/mspdb140.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral17
Sample
Generated Invoice and Log sheet details/mspdb140.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
Generated Invoice and Log sheet details/mspdbcore.dll
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral19
Sample
Generated Invoice and Log sheet details/mspdbcore.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
Generated Invoice and Log sheet details/mspdbst.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral21
Sample
Generated Invoice and Log sheet details/mspdbst.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
Generated Invoice and Log sheet details/mspft140.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral23
Sample
Generated Invoice and Log sheet details/mspft140.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral24
Sample
Generated Invoice and Log sheet details/msvcdis140.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral25
Sample
Generated Invoice and Log sheet details/msvcdis140.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral26
Sample
Generated Invoice and Log sheet details/msvcp140.dll
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral27
Sample
Generated Invoice and Log sheet details/msvcp140.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral28
Sample
Generated Invoice and Log sheet details/msvcp140_1.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral29
Sample
Generated Invoice and Log sheet details/msvcp140_1.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral30
Sample
Generated Invoice and Log sheet details/msvcp140_2.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral31
Sample
Generated Invoice and Log sheet details/msvcp140_2.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral32
Sample
Generated Invoice and Log sheet details/msvcp140_atomic_wait.dll
Resource
win7-20240729-en
windows7-x64
General
-
Target
Generated Invoice and Log sheet details/mspdbcore.dll
-
Size
739KB
-
MD5
8a1f558b8eb6cf674f186311c171d042
-
SHA1
9035a86b3fc5eb192b3d98e7dc551193bb5e2edf
-
SHA256
3193ff0b3db506c6272d21014b802f5a4e49ed7949b06c86029ac91ad01a63f1
-
SHA512
a59d1a1cd6ce3bb748d690ca4eb3a4ef68c2094e69c139ea9b082b0b3fb0ba05089bac59fb02d532372d2de618d369680bdfee8ce9f4404248e77d0c6b382c36
-
SSDEEP
12288:r+2YiTo1wE5qVGCWw/ZKpeh3ZY9Lzmz0TbSqHwR9TIKTegHBIQ:1YooyE5qVMw/cpe891TbdHwHTj/HSQ
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 13 IoCs
description pid Process procid_target PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 1884 2404 rundll32.exe 31 PID 2404 wrote to memory of 2100 2404 rundll32.exe 32 PID 2404 wrote to memory of 2100 2404 rundll32.exe 32 PID 2404 wrote to memory of 2100 2404 rundll32.exe 32 PID 2404 wrote to memory of 2100 2404 rundll32.exe 32
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\Generated Invoice and Log sheet details\mspdbcore.dll",#11⤵
- Suspicious use of WriteProcessMemory
PID:2404 -
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"2⤵PID:1884
-
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"2⤵PID:2100
-