Analysis
- max time kernel: 105s
- max time network: 114s
- platform: windows10_x64
- resource: win10
- submitted: 27-10-2020 10:12
Static task: static1
Behavioral task: behavioral1
- Sample: SecuriteInfo.com.Trojan-Banker.Win32.Cridex.gen.10545.dll
- Resource: win7, windows7_x64
- 0 signatures, 0 seconds
Behavioral task: behavioral2
- Sample: SecuriteInfo.com.Trojan-Banker.Win32.Cridex.gen.10545.dll
- Resource: win10, windows10_x64
- 0 signatures, 0 seconds
General
- Target: SecuriteInfo.com.Trojan-Banker.Win32.Cridex.gen.10545.dll
- Size: 667KB
- MD5: b92aa4b3201734007fbce2e237fe091f
- SHA1: 9982a7d1af6b13e48c39fd2327ac3181f09856e1
- SHA256: 635a1f8e2eff8717c791f846b6e7a4b0c1d1d84d93c20630686d5079a9ede5c3
- SHA512: 6116392f19c439a2c029b2e48641730429d084183f4ab29f75eba4bc3f172984e30afbec31643193faf93b2aa10d0bea9af4e36dc7eb13e86baba1f467c82574
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 4056 wrote to memory of 2916 | 4056 | rundll32.exe | rundll32.exe
PID 4056 wrote to memory of 2916 | 4056 | rundll32.exe | rundll32.exe
PID 4056 wrote to memory of 2916 | 4056 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan-Banker.Win32.Cridex.gen.10545.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan-Banker.Win32.Cridex.gen.10545.dll,#12
Network
MITRE ATT&CK Matrix
Downloads
- memory/2916-0-0x0000000000000000-mapping.dmp