Resubmissions
19-12-2022 02:21 | 221219-ctd4paea95 | 3
15-12-2022 18:02 | 221215-wmvbwada34 | 10
15-12-2022 18:01 | 221215-wl6nhsda29 | 1
15-12-2022 18:01 | 221215-wl1ghafh7y | 3
Analysis
max time kernel: 90s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19-12-2022 02:21
Static task
static1
Behavioral task
behavioral1
Sample
tmpFB1E.dll
Resource
win7-20220901-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
tmpFB1E.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
2 signatures
150 seconds
General
Target: tmpFB1E.dll
Size: 269KB
MD5: c7ca67a72a6cad3fc366e6e172539859
SHA1: fd1855605f49c59a0894f7a8b848303eb099f496
SHA256: c705008b6656feabe462ebb2363d6a259581cea574872cb1c6c440dbd23ad4fa
SHA512: 5727151a1e2680fd482fa8a882ead4242c1f96b4119f0c7672fc7a5b5d2df8a226b15dc69f6ce0f7ccfe17510f21a0af4c23ecb000bda6f29252daf724c16fbd
SSDEEP: 6144:MTHJ5BU2WigC+/NZy40onBQ14xdN8IcfSLZ:qDB0igC+/NHBQ1SdwSd
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid | pid_target | process | target process
4212 | 4640 | WerFault.exe | rundll32.exe
Suspicious behavior: EnumeratesProcesses (4 IoCs)
Processes: rundll32.exe
pid | process
4640 | rundll32.exe
4640 | rundll32.exe
4640 | rundll32.exe
4640 | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\tmpFB1E.dll,#1
  - Suspicious behavior: EnumeratesProcesses
  - C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -u -p 4640 -s 408
    - Program crash
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -pss -s 448 -p 4640 -ip 4640