Task | Platform | Score
Overview | overview | 10
Static | static | 10
wentra/Guna.UI2.dll | windows7-x64 | 1
wentra/Guna.UI2.dll | windows10-2004-x64 | 1
wentra/Spoofer.exe | windows7-x64 | 1
wentra/Spoofer.exe | windows10-2004-x64 | 1
wentra/alperenxrq.exe | windows7-x64 | 3
wentra/alperenxrq.exe | windows10-2004-x64 | 7
wentra/run...nt.dll | windows7-x64 | 1
wentra/run...nt.dll | windows10-2004-x64 | 1
Analysis
max time kernel: 119s
max time network: 122s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 13-09-2024 19:15
Behavioral task | Sample | Resource
behavioral1 | wentra/Guna.UI2.dll | win7-20240903-en
behavioral2 | wentra/Guna.UI2.dll | win10v2004-20240802-en
behavioral3 | wentra/Spoofer.exe | win7-20240704-en
behavioral4 | wentra/Spoofer.exe | win10v2004-20240802-en
behavioral5 | wentra/alperenxrq.exe | win7-20240903-en
behavioral6 | wentra/alperenxrq.exe | win10v2004-20240802-en
behavioral7 | wentra/runtimes/win/lib/net6.0/System.Management.dll | win7-20240903-en
behavioral8 | wentra/runtimes/win/lib/net6.0/System.Management.dll | win10v2004-20240802-en
General
Target: wentra/Spoofer.exe
Size: 19KB
MD5: b14851dbf9c880fa7e82f473f039e27c
SHA1: 6d75857683785ea7a521a276f208a2efd8ff8017
SHA256: 592b6be347b53a82d76df7d97abf289ae5d5c816b863adb40aa9d6a5cbd63c61
SHA512: 36a38bcebd99313a1a4fe7b766a5b5bb706c1bc7f80e938c8566fb399eabe186d0d556997af4744e4c2e3772e1de7fa209df26c35227c601f7ad9714b0b482f4
SSDEEP: 384:RAZiqa8rhY8Jf9l2Dv9xAzbkKf+iFD7ePUkLPyPfkl+vzwjKqPeW:Ruiqaf8t9oubnPgUmwRW
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2756 wrote to memory of 2884 | 2756 | Spoofer.exe | 30
PID 2756 wrote to memory of 2884 | 2756 | Spoofer.exe | 30
PID 2756 wrote to memory of 2884 | 2756 | Spoofer.exe | 30