Analysis

  • max time kernel
    101s
  • max time network
    106s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250410-en
  • resource tags

    arch:x64, arch:x86, image:win11-20250410-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    20/04/2025, 05:22

General

  • Target

    dosbox/svn/3DfxSpl2.dll

  • Size

    1.1MB

  • MD5

    08a1b06fe2fee5a1e3b33f1d71b84705

  • SHA1

    995b3f1a5916a047aa1365afacc292c3be21de62

  • SHA256

    262c70749ac24b4d3691e39767d3e01b5b4957b9b82768186e5faa58f395ceba

  • SHA512

    7fa595eb88a452a5bd0de05bfca85f1119ddecec58c377bd1321057f223bf9856382bf7abd2c996c1ccb50e7c28c5b28856b782a77fbf91b2b76a040bc9f38fd

  • SSDEEP

    12288:hmHPTPzZIibdk3hsCmx0okm1WoCnf1/Hnsp97P7jpD7P74nUpInLpN7P7:s79bdahsbbmdWptpjpAp

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dosbox\svn\3DfxSpl2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5892
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\dosbox\svn\3DfxSpl2.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:128
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 128 -s 480
        3⤵
        • Program crash
        PID:2648
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 128 -ip 128
    1⤵
      PID:4420

Network

MITRE ATT&CK Enterprise v16

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dosbox\svn\glide.log

    Filesize
    720B

    MD5
    342809d42dd0267219e5771fa2c6e7e4

    SHA1
    e1cacb2d3d311c032f652e79c99e6566a96500ff

    SHA256
    0faf926e1de5863c244c8781dd1ceee3497dbbca9f6cb6610dc53450d471f382

    SHA512
    35df2ad4752d19100dff79c1a6633f1eea47a435de293aeaf0ecec04e4cf698f205f82a13aa4ee5175edb95b6fce33ace7ed9c6700d8912c250d1b91aa52e740