Overview

overview

10

Static

static

10

loaddy001.dll

windows10-2004-x64

4

Analysis

  • max time kernel
    103s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/04/2025, 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    loaddy001.dll

  • Size

    252KB

  • MD5

    d507c9ba6f16864d576d47b671a1f919

  • SHA1

    f936a87be1e57aa967a36743188373a6b434da17

  • SHA256

    e6a8dd2b6348d3a2b784529de47e078730c9ad76a1ce6e7326c5136c38af0868

  • SHA512

    45e3bce73ccebe58ff33a43fba767cb6cd4f28785941a372229ff340bbc01264a2ca8b96ec8c7cad0517659768d6adbc4bed806ac88ca9c9c74b4153e693b596

  • SSDEEP

    3072:GMroksXUERhFcmvhc7ADcTdeiGu0/7BRVaqOw6I4/OpghLMUvM:GXvhxDx/AOpgt

Score
4/10
discovery

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\loaddy001.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1608
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\loaddy001.dll,#1
      2⤵
      • Drops file in Windows directory
      • System Location Discovery: System Language Discovery
      PID:3240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads