Overview

overview

10

Static

static

3

Insstallin..._1.exe

windows10-ltsc 2021-x64

dII/AdGuar...er.dll

windows10-ltsc 2021-x64

1

dII/AdGuar...pi.dll

windows10-ltsc 2021-x64

1

dII/AdGuar...er.dll

windows10-ltsc 2021-x64

1

dII/AdGuar...se.dll

windows10-ltsc 2021-x64

1

dII/AdGuar...nt.dll

windows10-ltsc 2021-x64

1

dII/AdGuar...UI.dll

windows10-ltsc 2021-x64

1

dII/Adguar...on.dll

windows10-ltsc 2021-x64

1

dII/Entity...er.dll

windows10-ltsc 2021-x64

1

dII/Feedba...on.dll

windows10-ltsc 2021-x64

1

dII/FileReport.dll

windows10-ltsc 2021-x64

1

dII/Microsoft.Ink.dll

windows10-ltsc 2021-x64

3

dII/crashh...64.dll

windows10-ltsc 2021-x64

1

dII/fdgdf (1).dll

windows10-ltsc 2021-x64

3

dII/fdgdf (2).dll

windows10-ltsc 2021-x64

3

dII/fdgdf (3).dll

windows10-ltsc 2021-x64

1

dII/fdgdf (4).dll

windows10-ltsc 2021-x64

1

dII/fdgdf (5).dll

windows10-ltsc 2021-x64

1

dII/fdgdf (6).dll

windows10-ltsc 2021-x64

3

dII/fdgdf (7).dll

windows10-ltsc 2021-x64

1

dII/gfhgfhswf.dll

windows10-ltsc 2021-x64

1

dII/iTunes...on.dll

windows10-ltsc 2021-x64

1

dII/libEGL.dll

windows10-ltsc 2021-x64

3

dII/libcurl.dll

windows10-ltsc 2021-x64

1

dII/libdispatch.dll

windows10-ltsc 2021-x64

1

dII/libssl...64.dll

windows10-ltsc 2021-x64

1

dII/libssl-3-x64.dll

windows10-ltsc 2021-x64

1

dII/libxml2.dll

windows10-ltsc 2021-x64

1

dII/mshwLatin.dll

windows10-ltsc 2021-x64

3

dII/mshwrwisp.dll

windows10-ltsc 2021-x64

3

jres/bin1/...32.dll

windows10-ltsc 2021-x64

3

jres/bin1/...ge.dll

windows10-ltsc 2021-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241023-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    16-11-2024 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dII/Microsoft.Ink.dll

  • Size

    492KB

  • MD5

    7dd8737644af1eb186c510886e1bf4ef

  • SHA1

    09ac7c7bd8720c51db1927414c7f5488543048f5

  • SHA256

    bb9d12feb5023f3f68d5b30dd52ff9320631cbe639675875c89353d0831f06d3

  • SHA512

    a766fdb2c0d57a32a93fa7d5bc5e090bfb0d92c6f9eb1656523339920947846b91bd04f268690dc067b5b06c6e998db8f48c9772cb34f729805f98458c9c3cfa

  • SSDEEP

    12288:bSWUpkHadw7Wh8PymIjOZUXGNgrGRsfil4T+Jnc9qDYfcTJkrm1w3SRczO9I/65Q:ApkHadw7Wh8PymIjOZUXGNgrGRsfil4B

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dII\Microsoft.Ink.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4728
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\dII\Microsoft.Ink.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4452

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads