Overview

overview

10

Static

static

10

Release/Di...at.exe

windows11-21h2-x64

10

builder.exe

windows11-21h2-x64

3

dnlib.dll

windows11-21h2-x64

1

Resubmissions

28-01-2025 00:13

250128-ahvwys1kdj 10

27-01-2025 20:14

250127-yz99zavkdl 10

Analysis

  • max time kernel
    34s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    27-01-2025 20:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dnlib.dll

  • Size

    1.1MB

  • MD5

    508ccde8bc7003696f32af7054ca3d97

  • SHA1

    1f6a0303c5ae5dc95853ec92fd8b979683c3f356

  • SHA256

    4758c7c39522e17bf93b3993ada4a1f7dd42bb63331bac0dcd729885e1ba062a

  • SHA512

    92a59a2e1f6bf0ce512d21cf4148fe027b3a98ed6da46925169a4d0d9835a7a4b1374ba0be84e576d9a8d4e45cb9c2336e1f5bd1ea53e39f0d8553db264e746d

  • SSDEEP

    24576:WHjoaczZfdE55hHl0WQ/OO4yb99MANKtv7f2dcME:tm/BQWgww

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dnlib.dll,#1
    1⤵
      PID:2532
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:788

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
      Filesize

      10KB

      MD5

      eed640164203d0d0a2a1e7919a6fdbdf

      SHA1

      9af74121e090cf2970beee82d22ef4ebb886c0ae

      SHA256

      4ca7fe712b4322fdb497733e015f4ae4496d3998772a6c37305da3cbba3eb7ae

      SHA512

      1bf6de193ae00189525ea9a685bbe3dc7722eceb6ccfb83c70adc766b6301b4978abf73b2f8f41b865f1521925308e4f96285dca569e9c2b2c61e79db1100e3d

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
      Filesize

      10KB

      MD5

      069c37bf9e39b121efb7a28ece933aee

      SHA1

      eaef2e55b66e543a14a6780c23bb83fe60f2f04d

      SHA256

      485db8db6b497d31d428aceea416da20d88f7bde88dbfd6d59e3e7eee0a75ae8

      SHA512

      f4562071143c2ebc259a20cbb45b133c863f127a5750672b7a2af47783c7cdc56dcf1064ae83f54e5fc0bb4e93826bf2ab4ef6e604f955bf594f2cbd641db796

      Download Submit