d71bde4d5c3e93407c192232e7da5be5cbb67f8ea801f085701aebefcc5cf10b

Analysis

max time kernel
150s
max time network
156s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
02-12-2024 15:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

libcef.dll
Size

51.8MB
MD5

4ed88e42e03a2111fd6e860146248127
SHA1

623ab0609ef6502256cdf8516877c6679555f9c2
SHA256

920404420871fbf59022347deee50bf5e2d16cbb09dea56b68248be39f372d78
SHA512

73f83feba7515eebadc6cf627b1230a84a0c18bcdcd565f503c629ab2c958cc8d1ce884d2808bf20992960fe9d2cf3ed07da1734cd6ffce9daf8e2d202164168
SSDEEP

393216:eTFnUXVXIwbXNvhFyLC1+7vLuk6tx5kWlcwu279jsFMC8ytoks8Zh6HmKZd44VQV:eYL70rUymBf0gdmVW7mJEo

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	rundll32.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\libcef.dll,#1
1⤵
- Checks processor information in registry
PID:4768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads