Analysis
-
max time kernel
170s -
max time network
182s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
01-12-2022 14:10
General
-
Target
7aba1d2459008818cb1ea99b3833cf1b6997784ab84bf0a026f23bf0c25ad94f.dll
-
Size
48KB
-
MD5
98995ef6dd059b1a97e8d92edc75f530
-
SHA1
17d8f5606858081fd6b0233d5a52126dd05b8d79
-
SHA256
7aba1d2459008818cb1ea99b3833cf1b6997784ab84bf0a026f23bf0c25ad94f
-
SHA512
c6f628eaf0b2bfee121357873b6324c87f8a848bff2cc78fbc819950f1c60b332f53f1e3619f6fa2127f20b29abe9379a298e9b2f9ea878483f4d3a9a6944e3a
-
SSDEEP
768:UJIGvAAZQhETQP44iAUrJFEBjiHIjho3wIa4VhMbIs9E7v4MLXBnkCvHvpX7CBue:UJI8Ac0AFMmL3wIrVmbIdDbRLvPpXIue
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\7aba1d2459008818cb1ea99b3833cf1b6997784ab84bf0a026f23bf0c25ad94f.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\7aba1d2459008818cb1ea99b3833cf1b6997784ab84bf0a026f23bf0c25ad94f.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1108 -s 6083⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1108 -ip 11081⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
-
Filesize
132KB