Analysis
-
max time kernel
184s -
max time network
225s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
21-10-2022 04:34
General
-
Target
216213bd503d646d64595243c8996916091bbdb1f8b4aae98a70bcaf34b04d5a.dll
-
Size
81KB
-
MD5
74e8cb40f35c2d41e08d4be11e69ec74
-
SHA1
b9b50965aa66bfc210d49154c5482501d185b39d
-
SHA256
216213bd503d646d64595243c8996916091bbdb1f8b4aae98a70bcaf34b04d5a
-
SHA512
6ea9f46e33bc359c2ad93c9832ae803ab77643676a73dcf35f057ac143f0bf9cbfeb23478d55586b73e83a6edfaf527f43b1ab80de49f3f6dd833b643ac28afd
-
SSDEEP
1536:PSwlKC19SnIhSmet0w5XBiiaYhyEz2HyQ2TGZyBXWdM91NoS7B2nj2xnJ/Pc:HAM8XBiiakyEz2HEGZyQm9/ocBbnFPc
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\216213bd503d646d64595243c8996916091bbdb1f8b4aae98a70bcaf34b04d5a.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\216213bd503d646d64595243c8996916091bbdb1f8b4aae98a70bcaf34b04d5a.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4736 -s 5643⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 4736 -ip 47361⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.5MB