Analysis

  • max time kernel
    79s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    28-04-2022 16:27

General

  • Target

    236c3fe0000.GdiPlus.dll

  • Size

    2.3MB

  • MD5

    c11b76d93f31d598ace8777f2d20a0d9

  • SHA1

    4a33a5f1527af26b11fab7b8be6bedc250615691

  • SHA256

    c0d1b25bd04fcaa5a4f76e868a9c3cfa2d51408eae2785c468887318b0f22bf0

  • SHA512

    73bc7121abc4112bce6faeffd870c6b32cf9efa8ff998355e0b3c061fed9617bf9ad26290e59ac29a1703f5b590a0b60d5a7d2c955c5735029ee6d672c4b009c

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\236c3fe0000.GdiPlus.dll,#1
    1⤵
      PID:4704
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4704 -s 432
        2⤵
        • Program crash
        PID:4548
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4704 -s 464
        2⤵
        • Program crash
        PID:4004
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 4704 -ip 4704
      1⤵
        PID:1824
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -pss -s 184 -p 4704 -ip 4704
        1⤵
          PID:4124
        • C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
          1⤵
            PID:3112

          Network

          MITRE ATT&CK Matrix
