Overview

overview

10

Static

static

10

Apache_Ope...es.exe

windows10-ltsc 2021-x64

6

$PLUGINSDI...ns.dll

windows10-ltsc 2021-x64

3

stat.py

windows10-ltsc 2021-x64

3

stats.py

windows10-ltsc 2021-x64

3

statvfs.py

windows10-ltsc 2021-x64

3

stl_01.ott

windows10-ltsc 2021-x64

3

stl_02.ott

windows10-ltsc 2021-x64

3

stl_03.ott

windows10-ltsc 2021-x64

3

swui.dll

windows10-ltsc 2021-x64

3

symbol.py

windows10-ltsc 2021-x64

3

symbols.py

windows10-ltsc 2021-x64

3

symtable.py

windows10-ltsc 2021-x64

3

synchronize.py

windows10-ltsc 2021-x64

3

syntax.py

windows10-ltsc 2021-x64

3

sysconfig.py

windows10-ltsc 2021-x64

3

sysconfig1.py

windows10-ltsc 2021-x64

3

sysdtrans.dll

windows10-ltsc 2021-x64

3

sysmail.uno.dll

windows10-ltsc 2021-x64

3

syssh.uno.dll

windows10-ltsc 2021-x64

3

t602filter.dll

windows10-ltsc 2021-x64

3

tabbedpages.py

windows10-ltsc 2021-x64

3

table.jar

windows10-ltsc 2021-x64

1

tabnanny.py

windows10-ltsc 2021-x64

3

tarfile.py

windows10-ltsc 2021-x64

3

telnetlib.py

windows10-ltsc 2021-x64

3

tempfile.py

windows10-ltsc 2021-x64

3

textoutstream.uno.dll

windows10-ltsc 2021-x64

3

openoffice4115.msi

windows10-ltsc 2021-x64

6

readmes/re...s.html

windows10-ltsc 2021-x64

4

redist/vcr...64.exe

windows10-ltsc 2021-x64

7

redist/vcr...86.exe

windows10-ltsc 2021-x64

7

setup.exe

windows10-ltsc 2021-x64

7

Analysis

  • max time kernel
    405s
  • max time network
    453s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250113-es
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250113-eslocale:es-esos:windows10-ltsc 2021-x64systemwindows
  • submitted
    22-01-2025 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sysdtrans.dll

  • Size

    115KB

  • MD5

    6eb868b4341f19f95e8f40fbae2d5b49

  • SHA1

    ac0e4a7c9e01093e870d381103848aac1fb53c9f

  • SHA256

    edbf894e9965da6250bdc12c46af261efc2be4afd817ac755850efcaf9492921

  • SHA512

    1ea323f658ec812e135f468ce6a5b63774907b52e71ffcb9070e88364530993759829cf6959ebca6ad91b061006f4bba765e62f2552b6a4f4a1d23c8cf0092b1

  • SSDEEP

    1536:6evoVIb+Gs2Q2mksrsDXbsGcCcdqFAQBvJINBcCGLXO+Y+MwqY:6evoVI9soJMdqqQBBwSLXOJ+MwqY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\sysdtrans.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1760
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\sysdtrans.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:3692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads