Overview

overview

10

Static

static

10

OnlineFix64.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    25s
  • max time network
    14s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    11/03/2025, 18:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OnlineFix64.dll

  • Size

    11.3MB

  • MD5

    1dc3a9fd539541dfd04ba19b0e65a1bb

  • SHA1

    2a0ab8d86a16546ee040d866dc8e7acc9888a12c

  • SHA256

    316eba6541ee72195e949c04597a37309869f683b96561f558c231d796974b10

  • SHA512

    0110d961a7d4ac14f075fdabb1c5366c73c76397b3b3f34df72991dd2cf14ced18a0293d49f48b2bb1eaac5206945aa4e7acac48fcd0c7380cc13a14558cfe50

  • SSDEEP

    196608:V8PPzFUF/qRFyL7ekwe/G8hNJRWH035NoWVxqr1Pow3PISBQxJcX6Qz:WPPRgqRF+wLQjJHoWm1PowImQxGqQ

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\OnlineFix64.dll,#1
    1⤵
      PID:3076
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:4720
      • C:\Windows\system32\OpenWith.exe
        C:\Windows\system32\OpenWith.exe -Embedding
        1⤵
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:4584

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3076-0-0x00007FF96D5F0000-0x00007FF96E9E0000-memory.dmp

        Filesize

        19.9MB

        Download