ee02d92c75e47a3ce2e335443749eaeb92c81182ea275d513dea63b923012c73

Analysis

max time kernel
165s
max time network
182s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
14/01/2023, 13:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

msvcp140.dll
Size

438KB
MD5

f29e5c7357e45fabcdf326d8a180c0d1
SHA1

7db7cd6125027a3d46cdcddf177ce14e4a4c74c5
SHA256

a43ea96a2ff2ac640f4c69d2b50ff376301f58b2bf4bb411996779d51f3677bc
SHA512

db6f1360cd7cbe5997f8b48fd1119c63420186c0876592338e4a3bac8256ee084ce76d0cf5b16a999fe6f5cc93e9a0cd011b515656365c5ec5395b92cb8f1aa9
SSDEEP

12288:hTLNQjAM80l7Vpm8j2NoSpmandhUgiW6QR7t5s03Ooc8dHkC2esumP1:hTLNQcMmYpEK03Ooc8dHkC2enmt

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 1 IoCs

flow	pid	Process
1	4004	rundll32.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3448	4004	WerFault.exe	66

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3488 wrote to memory of 4004	3488	rundll32.exe	66
PID 3488 wrote to memory of 4004	3488	rundll32.exe	66
PID 3488 wrote to memory of 4004	3488	rundll32.exe	66

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\msvcp140.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3488
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\msvcp140.dll,#1
  2⤵
  - Blocklisted process makes network request
  PID:4004
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 4004 -s 648
    3⤵
    - Program crash
    PID:3448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4004-117-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-118-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-119-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-120-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-121-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-122-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-123-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-124-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-125-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-126-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-127-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-128-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-129-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-130-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-131-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-132-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-133-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-135-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-134-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-136-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-138-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-137-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-139-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-140-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-141-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-142-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-143-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-144-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-145-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-146-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-147-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-148-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-149-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-150-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-151-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-152-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-153-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-154-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-155-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-156-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-157-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-158-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-159-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-160-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-161-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-162-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-163-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-164-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-165-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-166-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-167-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-168-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-169-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-170-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-171-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download
memory/4004-172-0x0000000077480000-0x000000007760E000-memory.dmp

Filesize
1.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads