Overview

overview

7

Static

static

7

0efb7efdc3...18.exe

windows7-x64

3

0efb7efdc3...18.exe

windows10-2004-x64

3

$PLUGINSDI...ol.dll

windows7-x64

5

$PLUGINSDI...ol.dll

windows10-2004-x64

5

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ip.dll

windows7-x64

3

$PLUGINSDI...ip.dll

windows10-2004-x64

3

$PLUGINSDI...ML.dll

windows7-x64

3

$PLUGINSDI...ML.dll

windows10-2004-x64

3

$PLUGINSDI...fw.dll

windows7-x64

3

$PLUGINSDI...fw.dll

windows10-2004-x64

3

$TEMP/Alaw...up.exe

windows7-x64

7

$TEMP/Alaw...up.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDIR/Games.dll

windows7-x64

3

$PLUGINSDIR/Games.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-10-2024 10:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/inetc.dll

  • Size

    58KB

  • MD5

    34aafdcc9ba1a2acc6d6fe9ca347ac7b

  • SHA1

    23a4f3ea483d8643d427b29ed92af8253c0d3e6b

  • SHA256

    baf9f333f6276ed10cd1c29c619d1e9143e9b751c5a043d8212567333d0aa9cd

  • SHA512

    1ded039235005fc6ea3bdbaac2e4d74892188e089d95ddca1486a1c83dba1b67eca72b3e1318adf3d8753a0f3fe805c6df46f9e6f1fef44bc1f469a93f6466f5

  • SSDEEP

    768:oFTOjdPSKXRc/7SfH3qMnJQfhLNjhtajfYwnTED8ekOvnv8cUyWuZ:oAdqA+yHFJ6hrtWlIRv8cUy

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\inetc.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\inetc.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2660
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2660 -s 624
        3⤵
        • Program crash
        PID:5116
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 2660 -ip 2660
    1⤵
      PID:372

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads