Analysis
-
max time kernel
207s -
max time network
336s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
07-12-2022 06:46
General
-
Target
TE04/syndrome/dicta.dll
-
Size
596KB
-
MD5
98b6b7eb3a0d889bdfd24130e72e8afd
-
SHA1
46be771ff368e840160bd5e03a45ec93d8fbc3ee
-
SHA256
bf3915a0a3e128b90d5f3c3173c4310e71d458d778d3bb7b9695c18892256120
-
SHA512
b36b8089b59390e3d39e10cedc28c485c317e4df3d01f669e56e817e1b3fb1fb069417c8e9e0022824fc74208b5bee727ad9441d0c5656f43cd3cc93789f67c2
-
SSDEEP
12288:4n8J739YoRmwZBY9bk8OlBf07A4QDXSAIdQFFF7:481FR7tVlDXScn
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\TE04\syndrome\dicta.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\TE04\syndrome\dicta.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1436 -s 2243⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/592-56-0x0000000000000000-mapping.dmp
-
memory/1436-54-0x0000000000000000-mapping.dmp
-
memory/1436-55-0x0000000074FA1000-0x0000000074FA3000-memory.dmpFilesize
8KB