Analysis
max time kernel: 14s
max time network: 19s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 05-10-2024 08:55
Static task: static1
Behavioral task: behavioral1, Sample: Furry开户工具.exe, Resource: win7-20240903-en
Behavioral task: behavioral2, Sample: Furry开户工具.exe, Resource: win10v2004-20240802-en
Behavioral task: behavioral3, Sample: libcurl-x64.dll, Resource: win7-20240903-en
Behavioral task: behavioral4, Sample: libcurl-x64.dll, Resource: win10v2004-20240802-en
General
Target: libcurl-x64.dll
Size: 3.0MB
MD5: 2f0604c94a6ff5ba399e6bf31c4f57a4
SHA1: e29fac41b35fa89c41a3907976e120d4bd5e6a3d
SHA256: 09a7c800ee478765d20412c4348e2c6b8fd888b8cb94b467a70a7475a8c297ce
SHA512: f656a84e203d2ddae3e504013257f3e45d2c29acf7df2e7392f619efaea72a90cc82e26cead89549239e20e8469d3ccea8427f4fdd7964fb38ef55320fc1107a
SSDEEP: 49152:qaFaU3U5gZyjsweArOJA6jeYRVxw9ZwgGCFc1P2i+W6jVg5JWNsTME7hbGIWB:lhyjZOJnXPEdGCFaP2iSOJWNvG41B
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe

description                         pid    Process        procid_target
PID 2428 wrote to memory of 2936    2428   rundll32.exe   29
PID 2428 wrote to memory of 2936    2428   rundll32.exe   29
PID 2428 wrote to memory of 2936    2428   rundll32.exe   29