Overview

overview

10

Static

static

10

Apache_Ope...es.exe

windows10-ltsc 2021-x64

6

$PLUGINSDI...ns.dll

windows10-ltsc 2021-x64

3

stat.py

windows10-ltsc 2021-x64

3

stats.py

windows10-ltsc 2021-x64

3

statvfs.py

windows10-ltsc 2021-x64

3

stl_01.ott

windows10-ltsc 2021-x64

3

stl_02.ott

windows10-ltsc 2021-x64

3

stl_03.ott

windows10-ltsc 2021-x64

3

swui.dll

windows10-ltsc 2021-x64

3

symbol.py

windows10-ltsc 2021-x64

3

symbols.py

windows10-ltsc 2021-x64

3

symtable.py

windows10-ltsc 2021-x64

3

synchronize.py

windows10-ltsc 2021-x64

3

syntax.py

windows10-ltsc 2021-x64

3

sysconfig.py

windows10-ltsc 2021-x64

3

sysconfig1.py

windows10-ltsc 2021-x64

3

sysdtrans.dll

windows10-ltsc 2021-x64

3

sysmail.uno.dll

windows10-ltsc 2021-x64

3

syssh.uno.dll

windows10-ltsc 2021-x64

3

t602filter.dll

windows10-ltsc 2021-x64

3

tabbedpages.py

windows10-ltsc 2021-x64

3

table.jar

windows10-ltsc 2021-x64

1

tabnanny.py

windows10-ltsc 2021-x64

3

tarfile.py

windows10-ltsc 2021-x64

3

telnetlib.py

windows10-ltsc 2021-x64

3

tempfile.py

windows10-ltsc 2021-x64

3

textoutstream.uno.dll

windows10-ltsc 2021-x64

3

openoffice4115.msi

windows10-ltsc 2021-x64

6

readmes/re...s.html

windows10-ltsc 2021-x64

4

redist/vcr...64.exe

windows10-ltsc 2021-x64

7

redist/vcr...86.exe

windows10-ltsc 2021-x64

7

setup.exe

windows10-ltsc 2021-x64

7

Analysis

  • max time kernel
    423s
  • max time network
    440s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250113-es
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250113-eslocale:es-esos:windows10-ltsc 2021-x64systemwindows
  • submitted
    22/01/2025, 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    textoutstream.uno.dll

  • Size

    22KB

  • MD5

    c27254aed7ac9cfbc61e6dbd51904968

  • SHA1

    6022370f585a9d9ea0618140b100e1eac9e33cce

  • SHA256

    2fbe6c29e6de2906e72ec84bbe03f42a055111ba6768512045b2d4745d63d547

  • SHA512

    fa3503a3e550f81105fe72ed666c0f3f9b071b0494edaa0a70c24c1c049acd80bb2360b49dd6355d0743521c5256dc2bf3b07823b3f4c500ab676424fd4567b7

  • SSDEEP

    384:D9ewMvchS2fZ6a2JdPzf2KrqbJk+E1SeWXOOVlvtnKyiL6:AwB0Pzf3qlkqXOIHKyP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\textoutstream.uno.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4416
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\textoutstream.uno.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:3416

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads