Overview

overview

10

Static

static

10

enjoy/enjo...FF.exe

windows7-x64

7

enjoy/enjo...FF.exe

windows10-2004-x64

7

enjoy/enjo...43.dll

windows7-x64

1

enjoy/enjo...43.dll

windows10-2004-x64

1

enjoy/fold...43.dll

windows7-x64

1

enjoy/fold...43.dll

windows10-2004-x64

1

enjoy/folder/SOB.exe

windows7-x64

1

enjoy/folder/SOB.exe

windows10-2004-x64

1

enjoy/fold...11.dll

windows10-2004-x64

3

enjoy/fold...43.dll

windows7-x64

1

enjoy/fold...43.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    844s
  • max time network
    846s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    03-11-2024 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    enjoy/folder/D3DCompiler_43.dll

  • Size

    2.4MB

  • MD5

    ada0c39d4eacdc81fd84163a95d62079

  • SHA1

    207321f1b449985b2d06ed50b989fa6259e4eb8e

  • SHA256

    44c3a7e330b54a35a9efa015831392593aa02e7da1460be429d17c3644850e8a

  • SHA512

    1afc63db5d2030b76abc19094fc9fef28cc6250bd265294647e65db81f13749c867722924460f7a6021c739f4057f95501f0322cdec28a2101bf94164557a1a5

  • SSDEEP

    49152:zf59zPxKcvHzDB6t3+C0/aJfyLg7Ie4Xy+5j4m2CTB:M2642o7lftd

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\enjoy\folder\D3DCompiler_43.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1724 -s 80
      2⤵
        PID:2384

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads