Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220414-en
submitted: 02-07-2022 16:39
Static task
static1
Behavioral task
behavioral1
Sample
payload (1).dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
payload (1).dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target
payload (1).dll
Size
255KB
MD5
a257e8c455576123b2c827f9509ecc5b
SHA1
49e01127127e9a21eb5c830b4afd5ef4f76764c8
SHA256
dbc5cf3d2f43a38f12ddaa8a676060540f42ee1b974187a7ae70df1df59da910
SHA512
9a1628c7911b2744c7c4befd1e3e6fd01bb81eafa1d8ca23a5b1412d02042695c6da7d70f322ad90c054307f864ca2c045238334408403d5082ad4e5bdc91f0e
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
1840 | 1992 | WerFault.exe | rundll32.exe
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1992 wrote to memory of 1840 | 1992 | rundll32.exe | WerFault.exe
PID 1992 wrote to memory of 1840 | 1992 | rundll32.exe | WerFault.exe
PID 1992 wrote to memory of 1840 | 1992 | rundll32.exe | WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1840-54-0x0000000000000000-mapping.dmp