Analysis

  • max time kernel
    121s
  • max time network
    168s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/10/2022, 02:16

General

  • Target

    01cb868e1ba11c9a359e8204065c8040064e21f5d60d0a41cb9cb9c243b5973f.dll

  • Size

    18KB

  • MD5

    73b66fdfa5625f09d073f959f02de680

  • SHA1

    7940cb48aab9746238bb9b66f4b4afc957112064

  • SHA256

    01cb868e1ba11c9a359e8204065c8040064e21f5d60d0a41cb9cb9c243b5973f

  • SHA512

    03d3f58bb7869d87fe1cb0452472a82d71d02641e958eed7d2035db9f326b8e491a3c88947f07018866bdd708e18e3ec98c408c9407f55e47e9578d6fe2ebdbb

  • SSDEEP

    384:VDV0VyBaxHEUbXtO3uxbWAW1+fmhQOAidEEpjW+6sUWm:dV0VyBgTMEJW1+fma3i7Z

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\01cb868e1ba11c9a359e8204065c8040064e21f5d60d0a41cb9cb9c243b5973f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\01cb868e1ba11c9a359e8204065c8040064e21f5d60d0a41cb9cb9c243b5973f.dll,#1
      2⤵
        PID:1536
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 1536 -s 552
          3⤵
          • Program crash
          PID:1384
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 1536 -ip 1536
      1⤵
        PID:2032

Network

MITRE ATT&CK Matrix
