Overview

overview

10

Static

static

1

!Premium--...dor.js

windows7-x64

3

!Premium--...dor.js

windows10-2004-x64

3

!Premium--...002.js

windows7-x64

3

!Premium--...002.js

windows10-2004-x64

3

!Premium--...nt.dll

windows7-x64

1

!Premium--...nt.dll

windows10-2004-x64

1

!Premium--...007.js

windows7-x64

3

!Premium--...007.js

windows10-2004-x64

3

!Premium--...st.ps1

windows7-x64

3

!Premium--...st.ps1

windows10-2004-x64

3

!Premium--...co.dll

windows7-x64

1

!Premium--...co.dll

windows10-2004-x64

1

!Premium--...009.js

windows7-x64

3

!Premium--...009.js

windows10-2004-x64

3

!Premium--...ult.js

windows7-x64

3

!Premium--...ult.js

windows10-2004-x64

3

!Premium--....0.dll

windows7-x64

1

!Premium--....0.dll

windows10-2004-x64

1

!Premium--...mp.dll

windows7-x64

1

!Premium--...mp.dll

windows10-2004-x64

1

!Premium--...st.exe

windows7-x64

1

!Premium--...st.exe

windows10-2004-x64

1

!Premium--...ce.ps1

windows7-x64

3

!Premium--...ce.ps1

windows10-2004-x64

3

!Premium--...n3.ps1

windows7-x64

3

!Premium--...n3.ps1

windows10-2004-x64

3

!Premium--...up.exe

windows7-x64

10

!Premium--...up.exe

windows10-2004-x64

10

!Premium--...ib.dll

windows7-x64

3

!Premium--...ib.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2024, 05:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    !Premium--SatUp/WJSLib.dll

  • Size

    124KB

  • MD5

    4b3d0e79ce7f8615879662cf20128f8c

  • SHA1

    90dea4a943df881ac1cdb69b1d3d496cb2276ae7

  • SHA256

    3634ffd4c7f43b7cc97a8f206eb43accadf020750c8a82e1609d9a02c47328cd

  • SHA512

    4fa8e0f6b7e789c7fead6dc738030b405ee6d01b7df815b68305a1e8bd527348b705b7ccc7bdbde5b19bba3998ea8b92b2bd372735da122fd2b5092ab79abbe4

  • SSDEEP

    3072:KRkoeTuAr+Gbqr2bTvcQtU3qIllQfPanS0Cr0aT:KRzeTuI+G2Cf1U3qGganS0U0i

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\!Premium--SatUp\WJSLib.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3588
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\!Premium--SatUp\WJSLib.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:3744

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads