Resubmissions

21-06-2023 13:07

230621-qcx25ahe88 10

20-06-2023 06:50

230620-hly2sabg3s 3

Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    20-06-2023 06:50

General

  • Target

    1fb0c8b5d8ef25661fb0f89d676e2e49.dll

  • Size

    1.2MB

  • MD5

    1fb0c8b5d8ef25661fb0f89d676e2e49

  • SHA1

    1b284a2b2ab3c733603a702320d9c55c3b74bd91

  • SHA256

    212bddfe0446f5f5037d8452bb9f4fad2823502917546811a97d6b4c555d5ad6

  • SHA512

    a8033e6c6beac49a166f500b9991bfcff43be42d6579062ffd11f147a3c016ccb1f2de9b217f18e4ba00dd6acd0d9a8e898666acd885344e37cabc9b4ad297a3

  • SSDEEP

    24576:V88Kjwqgo6dmg6XKZz0AUfOwZbB2aBnRLI151E/BgXRzyCF7z7vb:u7+ZU3TODE/CdPb

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1fb0c8b5d8ef25661fb0f89d676e2e49.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1480
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1480 -s 84
      2⤵
      • Program crash
      PID:624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads