Overview

overview

10

Static

static

10

1720-55-0x...ry.dll

windows7-x64

3

1720-55-0x...ry.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    44s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    29-10-2022 14:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1720-55-0x0000000180000000-0x0000000180009000-memory.dll

  • Size

    36KB

  • MD5

    8f675b21a4d10da0fe42cea3c0e34760

  • SHA1

    8d2a2c4a86ec12700f4882f39cb31e2f37f3259e

  • SHA256

    0aa7d3ea79af073281ac2281b1633055f5e09863f7b7979ceb347d0df3fe09a5

  • SHA512

    1c42762be302c4fdb31cae001c8d2c3d807be6ccecb5ff9b9047074f792be2bda10d2c763d2882d4d3cf3d74ecb0ed901107d359e371deed0c1ff2da1820d2ac

  • SSDEEP

    192:hHVMfa7TTCjJSixzPSAA56RCK7Yu/VPgwHXBAQYfPq/3Kb:h1Mf0gJSix2AA56RCiZVNGQYnq/6b

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1720-55-0x0000000180000000-0x0000000180009000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1048 -s 56
      2⤵
      • Program crash
      PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1928-54-0x0000000000000000-mapping.dmp

    Download