Overview

overview

7

Static

static

7

65e5ded9bc...fe.dll

windows10_x64

3

65e5ded9bc...fe.dll

windows10-2004_x64

3

Analysis

  • max time kernel
    53s
  • max time network
    79s
  • platform
    windows10_x64
  • resource
    win10-20220414-es
  • submitted
    23-06-2022 23:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65e5ded9bc27a4562fb5cbb6b827273be9f6ed3b2159832a57fd3ca8c78573fe.dll

  • Size

    20.0MB

  • MD5

    bf5aee7ba0ac7286f4879ca34ca63903

  • SHA1

    9bc40c49a3dbc41f618d11f4b113f234c1713dc4

  • SHA256

    65e5ded9bc27a4562fb5cbb6b827273be9f6ed3b2159832a57fd3ca8c78573fe

  • SHA512

    887125ea071749f717f5d39828b5ac200ee8f80aaedfe6b58167c0bfa68ec8e921c0cbbe63de8ad49eab8ff28c5c09d7b06aecf6e51df63f1195c257ddc4cd49

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\65e5ded9bc27a4562fb5cbb6b827273be9f6ed3b2159832a57fd3ca8c78573fe.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\65e5ded9bc27a4562fb5cbb6b827273be9f6ed3b2159832a57fd3ca8c78573fe.dll,#1
      2⤵
        PID:3808
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3808 -s 608
          3⤵
          • Program crash
          PID:5040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3808-116-0x0000000000000000-mapping.dmp
      Download
    • memory/3808-117-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-118-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-119-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-120-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-121-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-122-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-123-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-124-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-125-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-126-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-127-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-128-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-129-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-130-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-131-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-132-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-133-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-134-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-135-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-136-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-137-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-138-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-139-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-140-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-141-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-142-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-143-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-145-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-146-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-148-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-149-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-151-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-152-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-154-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-153-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-150-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-147-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-144-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-155-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-157-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-156-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-158-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-159-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-160-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-161-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-162-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-163-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-164-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-165-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-166-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/3808-167-0x0000000077770000-0x00000000778FE000-memory.dmp
      Filesize

      1.6MB

      Download