Analysis
max time kernel
28s
max time network
31s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted
19-03-2023 01:39
Static task
static1
Behavioral task
behavioral1
Sample
48.dll
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
48.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
1 signatures
150 seconds
General
Target
48.dll
Size
797KB
MD5
b0ad6d2d4c031bdba529c80b9b2957e7
SHA1
153a5ba4665cbcd79afff27d27864f498284d9c0
SHA256
9e66b2a30d5244d1dffb968cc1c67fe705ce208eed450ae81f9f48552187749b
SHA512
f7c48df7b41a2284b959efa1315cc917fa5d36740752d90e8aa87965479961f8da8ed7e3f0cc6a7c7490665fcae017086e32b38f4d54b027f48398ea8bf8682d
SSDEEP
12288:k+uUojq+LoAymyU6C6khqVlvV+FhTwrnL5k:cMAQUH6MqVlv9rnL
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid: 2008; pid_target: 1996; process: WerFault.exe; target process: rundll32.exe
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description: PID 1996 wrote to memory of 2008; pid: 1996; process: rundll32.exe; target process: WerFault.exe
description: PID 1996 wrote to memory of 2008; pid: 1996; process: rundll32.exe; target process: WerFault.exe
description: PID 1996 wrote to memory of 2008; pid: 1996; process: rundll32.exe; target process: WerFault.exe