Overview

overview

9

Static

static

7

Kangaroo Patcher.exe

windows11-21h2-x64

9

Kangaroo.dll

windows11-21h2-x64

1

Vape_Lite.exe

windows11-21h2-x64

Resubmissions

22-02-2025 00:44

250222-a3l5jsvkfq 10

22-02-2025 00:40

250222-a1gr2stmh1 9

Analysis

  • max time kernel
    430s
  • max time network
    454s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-02-2025 00:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kangaroo.dll

  • Size

    37KB

  • MD5

    0202563145fb353f35c915cdbe5474f8

  • SHA1

    01b1ea50745a3824e68330b0339a44e27c9068e9

  • SHA256

    5223fc529531a32c6111ef6e93e33d134961490831b6711db1ed87b3f93574bd

  • SHA512

    8d972347f6e87fb0639033e22df9687a30363423a650cc872d6746582eb03274c673727c2287d9ba12df0cd68e4deecfcbb3d11c130e122022b57c6088c6309d

  • SSDEEP

    768:yPGh18G4BxUz6jPypNKLf7wtGHBpc/HO27:S+1YUWrypNKPbBp8u27

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Kangaroo.dll,#1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3560-0-0x00000258D6750000-0x00000258D686E000-memory.dmp

    Filesize

    1.1MB

    Download