Analysis
max time kernel: 61s
max time network: 34s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 24/03/2023, 17:24
Static task: static1
Behavioral task: behavioral1
Sample: api-ms-win-core-namedpipe-l1-1-0.dll
Resource: win7-20230220-en
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: api-ms-win-core-namedpipe-l1-1-0.dll
Resource: win10v2004-20230221-en
1 signatures
150 seconds
General
Target: api-ms-win-core-namedpipe-l1-1-0.dll
Size: 18KB
MD5: a056d4eeaae37deab8333dcc4c910a93
SHA1: cb59f1fe73c17446eb196fc0dd7d944a0cd9d81f
SHA256: 593fa2aa2474508ad942bbaa0fdc9a1badd81c85b0dff1c43b90a47c23ad5fb7
SHA512: c2f811994182ef51d0c011c19336179da69357e5f284f787bcdb54f90c32768a959232a477534f7e62cd3d71a048a13e91b20042e2fe6ab108d606c7c8df9255
SSDEEP: 384:eW1hWU5OZkum0GftpBjxKvm3SQTlUK3dsDT:1noVimvf6sDT
Score: 3/10
Malware Config
Signatures
Program crash 1 IoCs
pid   pid_target   Process        procid_target
892   904          WerFault.exe   18
Suspicious use of WriteProcessMemory 3 IoCs
description                       pid   Process        procid_target
PID 904 wrote to memory of 892    904   rundll32.exe   28
PID 904 wrote to memory of 892    904   rundll32.exe   28
PID 904 wrote to memory of 892    904   rundll32.exe   28