Analysis
max time kernel: 31s
max time network: 33s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 20-06-2023 06:50
Static task: static1
Signatures: 1

Behavioral task: behavioral1
Sample: 1fb0c8b5d8ef25661fb0f89d676e2e49.dll
Resource: win7-20230220-en, windows7-x64
Signatures: 2
150 seconds

Behavioral task: behavioral2
Sample: 1fb0c8b5d8ef25661fb0f89d676e2e49.dll
Resource: win10v2004-20230220-en, windows10-2004-x64
Signatures: 1
150 seconds
General
Target: 1fb0c8b5d8ef25661fb0f89d676e2e49.dll
Size: 1.2MB
MD5: 1fb0c8b5d8ef25661fb0f89d676e2e49
SHA1: 1b284a2b2ab3c733603a702320d9c55c3b74bd91
SHA256: 212bddfe0446f5f5037d8452bb9f4fad2823502917546811a97d6b4c555d5ad6
SHA512: a8033e6c6beac49a166f500b9991bfcff43be42d6579062ffd11f147a3c016ccb1f2de9b217f18e4ba00dd6acd0d9a8e898666acd885344e37cabc9b4ad297a3
SSDEEP: 24576:V88Kjwqgo6dmg6XKZz0AUfOwZbB2aBnRLI151E/BgXRzyCF7z7vb:u7+ZU3TODE/CdPb
Score: 3/10
Malware Config
Signatures

Program crash (1 IoC)
pid    pid_target    Process         procid_target
624    1480          WerFault.exe    14

Suspicious use of WriteProcessMemory (3 IoCs)
description                        pid     Process         procid_target
PID 1480 wrote to memory of 624    1480    rundll32.exe    28
PID 1480 wrote to memory of 624    1480    rundll32.exe    28
PID 1480 wrote to memory of 624    1480    rundll32.exe    28