ec89e1c3eb2c04415b7f24bb65f32976f93ca264fb7bad95e7aa842f9b3135d6 | Triage

Analysis

max time kernel
85s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
28-04-2022 16:27

Sharing

Report Analysis Logs

General

Target

1d29af40000.GdiPlus.dll
Size

2.3MB
MD5

66108c5d7e5f4e446991c370c908c00c
SHA1

530797112fbc9743c74f89e9993c1effd44a754a
SHA256

ec89e1c3eb2c04415b7f24bb65f32976f93ca264fb7bad95e7aa842f9b3135d6
SHA512

50340c70c6ddee5659164ce4e1ce64b4d4cb327c75a9ef26e4cd89f44194cd7fd43b0a6263e498f6ef38a0aa7878e977f06ccdf80f638a89144db73e0a43bdf4

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

Processes:

WerFault.exeWerFault.exe

pid pid_target process target process

1432 1500 WerFault.exe rundll32.exe
4364 1500 WerFault.exe rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1d29af40000.GdiPlus.dll,#1
1⤵
PID:1500
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1500 -s 432
  2⤵
  - Program crash
  PID:1432
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1500 -s 548
  2⤵
  - Program crash
  PID:4364

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 408 -p 1500 -ip 1500
1⤵
PID:2412

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 496 -p 1500 -ip 1500
1⤵
PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads