Analysis

  • max time kernel
    423s
  • max time network
    440s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250113-es
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250113-eslocale:es-esos:windows10-ltsc 2021-x64systemwindows
  • submitted
    22/01/2025, 15:18

General

  • Target

    textoutstream.uno.dll

  • Size

    22KB

  • MD5

    c27254aed7ac9cfbc61e6dbd51904968

  • SHA1

    6022370f585a9d9ea0618140b100e1eac9e33cce

  • SHA256

    2fbe6c29e6de2906e72ec84bbe03f42a055111ba6768512045b2d4745d63d547

  • SHA512

    fa3503a3e550f81105fe72ed666c0f3f9b071b0494edaa0a70c24c1c049acd80bb2360b49dd6355d0743521c5256dc2bf3b07823b3f4c500ab676424fd4567b7

  • SSDEEP

    384:D9ewMvchS2fZ6a2JdPzf2KrqbJk+E1SeWXOOVlvtnKyiL6:AwB0Pzf3qlkqXOIHKyP

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\textoutstream.uno.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4416
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\textoutstream.uno.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:3416

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads