Analysis

  • max time kernel
    44s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    10/07/2022, 07:19

General

  • Target

    1756-54-0x0000000180000000-0x0000000180009000-memory.dll

  • Size

    36KB

  • MD5

    c2bab9b7a0d85653416316f55c82541b

  • SHA1

    939e617421037a58870e52d29bf38e292105e3ff

  • SHA256

    46f32ba015b5ae66e8e0e69e5b7a965cdb5999a7406bd844743caa7f124054b1

  • SHA512

    c80ae7e662d54c570eda87293a9d1e0e3eb632e059d08673188d52c08b80177051b197b3a0d6d303ad61c35acd9909d06d23d9abf263db6da7e16b79d7fca01a

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1756-54-0x0000000180000000-0x0000000180009000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1336
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1336 -s 56
      2⤵
      • Program crash
      PID:1464

Network
