Analysis
-
max time kernel
0s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
24-12-2022 01:24
General
-
Target
Document/NewInformation.dll
-
Size
817KB
-
MD5
a3a0646542e27fddcd7ce9f604ef63d6
-
SHA1
fa16ce1aa1c0cb2fc235fb28e4621a4eff95be80
-
SHA256
a036d9ec59e974c4ba22f2d49116a69d6804df070c4985164daca2bca041d643
-
SHA512
cc95e227d26db9281f250cfd29676c374641aec2218b8cdb0b7bfef597694c5088600258d6e6b228fca8f28a23b16d5df81929569c4d410ef109ce754a6ce3ae
-
SSDEEP
12288:JJGwvTfCMf8rVomRle7XBr4fi7wDqo4TARMhxMrFND648j4xhT6Zl:JY5rVtcsfi7wDP4TAR0sFN+Ux
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\Document\NewInformation.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\Document\NewInformation.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1340 -s 2243⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1340-54-0x0000000000000000-mapping.dmp
-
memory/1340-55-0x0000000076411000-0x0000000076413000-memory.dmpFilesize
8KB
-
memory/2016-56-0x0000000000000000-mapping.dmp