Overview

overview

10

Static

static

10

Axion.dll

windows7-x64

1

Axion.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    17s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2025 08:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Axion.dll

  • Size

    7.3MB

  • MD5

    859e1b689f230c43fc7831d3fb21ea97

  • SHA1

    9ea60dbefb7b30274a029181d0209440a6d1b440

  • SHA256

    f05d3bdad550ab7f298ffd91c6a214c87755f1fde9fafb88a111e12d9a2c1aec

  • SHA512

    f45c25df4e75de7178646707883285a384a48386332fda880d177da9f8b23f7125726d07c742bfa65e6aaba1ed50401b5fe27a3ceb6eb68fab50275cd7b71c71

  • SSDEEP

    49152:Yv4QCQlty2QBCYql2sTeKQi4XvJzl/StlnMg8D9vSP3Kvz3gqeWvtAzlunvh/qNl:sO9/Xj/PD9aPMBSG/lgQ/6S+ttYzPc

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Axion.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2620
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2620 -s 156
      2⤵
        PID:2636
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2812

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads