Analysis
-
max time kernel
52s -
max time network
64s -
platform
windows10-2004_x64 -
resource
win10v2004-20220721-en -
resource tags
arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system -
submitted
23/07/2022, 20:33
Behavioral task
behavioral1
Sample
1952-54-0x0000000180000000-0x0000000180009000-memory.dll
Resource
win7-20220715-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
1952-54-0x0000000180000000-0x0000000180009000-memory.dll
Resource
win10v2004-20220721-en
1 signatures
150 seconds
General
-
Target
1952-54-0x0000000180000000-0x0000000180009000-memory.dll
-
Size
36KB
-
MD5
0596cb836a2a765c0ae49a067fc1d305
-
SHA1
7d40bca8d5f4c3b7d81fa1c12a212a38c2762c91
-
SHA256
145017b9ccee961edc3803193c6edf28f26caa76f9aa673450da250a41f5d549
-
SHA512
3a89555fa1757ce4af78b4fc992674f4c16020d23a81602f85165f2c8544d35a3543990880ee81418734c2f9bd149f89c6671ff4c976b6fa226ceae8a553b91b
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 672 4512 WerFault.exe 59
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\1952-54-0x0000000180000000-0x0000000180009000-memory.dll,#11⤵PID:4512
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 4512 -s 2402⤵
- Program crash
PID:672
-
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -pss -s 436 -p 4512 -ip 45121⤵PID:5096