Analysis
-
max time kernel
103s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
09/07/2022, 05:15
Behavioral task
behavioral1
Sample
944-54-0x0000000180000000-0x0000000180009000-memory.dll
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
944-54-0x0000000180000000-0x0000000180009000-memory.dll
Resource
win10v2004-20220414-en
0 signatures
0 seconds
General
-
Target
944-54-0x0000000180000000-0x0000000180009000-memory.dll
-
Size
36KB
-
MD5
fe0abab66cc9d4a6b0b86e2ad4bb11f9
-
SHA1
cb6fc33ddc3489921ed8e9809e09735c34561c67
-
SHA256
f6222dbf423b25f6aedf71f1eb5c9f19b336d9cd0d85cd64b3cad9760c2eceba
-
SHA512
5fab0b8472f7d2c82d0f321e89445f3a8fc49eb038233479f4b24c6373fe5869d5b8946bf1cd4142467f49e87d8c06938ed4bef4f5fe8e90587436366dd2f6cd
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 4288 5052 WerFault.exe 79
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\944-54-0x0000000180000000-0x0000000180009000-memory.dll,#11⤵PID:5052
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 5052 -s 2402⤵
- Program crash
PID:4288
-
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -pss -s 404 -p 5052 -ip 50521⤵PID:1000