Overview

overview

10

Static

static

8

TradingVie...op.exe

windows7-x64

10

TradingVie...op.exe

windows10-2004-x64

10

apt/SysWOW...nt.dll

windows10-2004-x64

3

apt/SysWOW...SE.dll

windows10-2004-x64

3

apt/SysWOW...vc.dll

windows10-2004-x64

3

apt/SysWOW...st.dll

windows10-2004-x64

3

apt/SysWOW...al.dll

windows10-2004-x64

3

apt/SysWOW...rs.dll

windows10-2004-x64

3

apt/SysWOW...fc.dll

windows10-2004-x64

3

apt/SysWOW...RT.dll

windows10-2004-x64

3

apt/SysWOW...al.dll

windows10-2004-x64

3

apt/SysWOW...Rt.dll

windows10-2004-x64

3

apt/SysWOW...er.dll

windows10-2004-x64

3

apt/SysWOW...PL.dll

windows10-2004-x64

3

apt/SysWOW...PL.dll

windows10-2004-x64

1

apt/SysWOW...nt.dll

windows10-2004-x64

3

apt/SysWOW...er.dll

windows10-2004-x64

3

apt/SysWOW...er.dll

windows10-2004-x64

3

apt/SysWOW...ds.dll

windows10-2004-x64

3

apt/SysWOW...er.dll

windows10-2004-x64

3

apt/SysWOW...pl.dll

windows10-2004-x64

3

apt/SysWOW...ub.dll

windows10-2004-x64

3

apt/SysWOW...as.dll

windows10-2004-x64

3

apt/SysWOW...ts.dll

windows10-2004-x64

3

apt/SysWOW...on.dll

windows10-2004-x64

3

apt/SysWOW...pi.dll

windows10-2004-x64

3

apt/SysWOW...op.dll

windows10-2004-x64

3

apt/SysWOW...SP.dll

windows10-2004-x64

3

apt/SysWOW...on.dll

windows10-2004-x64

3

apt/SysWOW...er.dll

windows10-2004-x64

3

apt/SysWOW...PS.dll

windows10-2004-x64

3

apt/SysWOW...32.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    104s
  • max time network
    134s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/03/2025, 02:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    apt/SysWOW64/AnalogCommonProxyStub.dll

  • Size

    17KB

  • MD5

    e3a26f1f0636112c6e3d0fdf9a4653da

  • SHA1

    7208f85e2a6035fe856ca3d7895b2d5c807dec52

  • SHA256

    12a6f561e4475067c408b6b5bac1652b71a6e2b428ac9aa911abf15907797665

  • SHA512

    0ef092dc30ed7e2e0630f1f57f4a4d61846426de39e41f428ea4887cc23bac97e6addedd15e93c9f752217a9684620d9187043d362ed4056f5a47658a09b6ced

  • SSDEEP

    192:d0zEAGv6jIvC4K1wnd+IKv11tqPOEvZfrxW6aW0Hot:daE/6wA1wnd+IK11tqPrZfrxW6aW02

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\apt\SysWOW64\AnalogCommonProxyStub.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4516
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\apt\SysWOW64\AnalogCommonProxyStub.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads