Analysis
-
max time kernel
37s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
07-12-2022 16:11
General
-
Target
engendering/catenary.dll
-
Size
596KB
-
MD5
740ef7c49bbf7b6dc80ada0cb1b8f824
-
SHA1
233dae2d621fe77935ca3d4ca1dd07b3e956914c
-
SHA256
5b88a129b9138aea014f1425f5b28f5937e657d778a681c0e5685481d6eefc54
-
SHA512
59b44da52b911e16ce00b19937739cd267931535232f317bbcfdafc24c59180ce295d156847c7bcbae2e00a16c2291f12d79ab4ac4716c41cb7465298a75b88a
-
SSDEEP
12288:4n8H739YoRmwZBY9bk8OlBf07A4QDXSAIdQFFF7:48bFR7tVlDXScn
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\engendering\catenary.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\engendering\catenary.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1976 -s 2243⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/564-56-0x0000000000000000-mapping.dmp
-
memory/1976-54-0x0000000000000000-mapping.dmp
-
memory/1976-55-0x00000000760D1000-0x00000000760D3000-memory.dmpFilesize
8KB