Analysis
max time kernel: 27s
max time network: 30s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted: 07-05-2023 09:20
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
sYYdOjoeG.dll
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
General
Target: sYYdOjoeG.dll
Size: 650KB
MD5: bb1372e462191a8c955906a152c59e89
SHA1: 32f18efd55f4b5df9c969c3870d07f816ad48430
SHA256: 34ba8d9a2fc9779c2261e2c93856d5b24aa6c46048b3520bea0595258f0b9f7a
SHA512: e15f8b1c50956cb64dc6d021e7f609052e8986ecc366e6428ff7f9099acd3232524a7ed0ca6ff1361af763e720d92824d83475a944bd332625b26bf539ef1c88
SSDEEP: 12288:VMeQsno2LR+eTz4kMJFGH6C7Fj73Whmrkj5S3u49aP:VDftXegvN7WhmIj5Ouu
Score: 3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes: WerFault.exe
pid | pid_target | process | target process
1324 | 1212 | WerFault.exe | regsvr32.exe
Suspicious use of WriteProcessMemory 3 IoCs
Processes: regsvr32.exe
description | pid | process | target process
PID 1212 wrote to memory of 1324 | 1212 | regsvr32.exe | WerFault.exe
PID 1212 wrote to memory of 1324 | 1212 | regsvr32.exe | WerFault.exe
PID 1212 wrote to memory of 1324 | 1212 | regsvr32.exe | WerFault.exe