24a43a222ac127545478058093f9f291f3533ceee5e374685c6d43de2acfd266 | Triage

Analysis

max time kernel
96s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
14/09/2022, 12:34

Sharing

Report Analysis Logs

General

Target

rahsd.dll
Size

3.3MB
MD5

d45a73e231ef637915b9430cc8941cb2
SHA1

d4e8a078e8eb3d2f4c7aeb55581186be8d76574e
SHA256

24a43a222ac127545478058093f9f291f3533ceee5e374685c6d43de2acfd266
SHA512

0e17998fbf1a88c5028220fe8fd577f8463935eb2a7f1cbc6acf82c0cde32470d54bfba8c054fc0b229e1d5c3b70819e3613eb9a79d3795d7eca0c4848917e0d
SSDEEP

49152:/tjVhX8/RGMMneux2B0RkTH6LrLurVqisy+/aasdgKeilMprv5UYjG3j2VCF7l7p:/pcPulLJZmGgO1C26

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2184	2200	WerFault.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\rahsd.dll,#1
1⤵
PID:2200
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2200 -s 328
  2⤵
  - Program crash
  PID:2184

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 408 -p 2200 -ip 2200
1⤵
PID:3644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads