Overview

overview

10

Static

static

3

KwishClien...nt.jar

windows11-21h2-x64

7

KwishClient/Start.exe

windows11-21h2-x64

KwishClien...AL.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

1

KwishClien...64.dll

windows11-21h2-x64

1

KwishClien...86.dll

windows11-21h2-x64

1

KwishClien...fw.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

1

KwishClien...oc.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

1

KwishClien...gl.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

1

KwishClien...gl.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

3

KwishClien...tb.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

3

KwishClien...fd.dll

windows11-21h2-x64

1

KwishClien...32.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    1485s
  • max time network
    1500s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25-06-2024 10:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    KwishClient/resources/jemalloc32.dll

  • Size

    191KB

  • MD5

    93aeb5ec9f94134784373f370d295a61

  • SHA1

    0d3c5c4d18d9a60501bce1f586684cd2fc5c466f

  • SHA256

    7270b1d189c68d3fb655411d0e7002bc9b131328b3cff726946e8fe16fe5b09a

  • SHA512

    2e79b858977c6d39e4380cbee3d70b01d4d47c4291f2af6f510f222f29cca53e2de68d6c6b0cf030eb43fb60ab8807756fadae59a8583f69d0f734f9bbe6453f

  • SSDEEP

    3072:dREMI0SsPaw8FtirHatxHkeaoPg2UYsCMGUd5liXSE0RM:PbPawm0utRaoP1dX6M

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\KwishClient\resources\jemalloc32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3328
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\KwishClient\resources\jemalloc32.dll,#1
      2⤵
        PID:4988

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads