371e893ea727d7c5a44d3ebe082db98a10912f6b722d1ec5d22071d7535a3af1

Analysis

max time kernel
140s
max time network
268s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
09-08-2023 12:56

Target

“护航亚运”网络安全专项整治行动方案/msvcp140d.dll
Size

898KB
MD5

f83746b98014aa2374a79758dafdf409
SHA1

0520b6ec402963b015ae060b225f30d41a88ab05
SHA256

e1118fc5ca6a4bcfca0dcbf7b4705bbea6b7155fd58442dc870a61a866bb413d
SHA512

ee0604705c92a2b605986a2263c4d342fcfe8b002c0fcf634d5a52d811e5b2d00cef80f579c0d44e291ea15a3048bf384fe0dba9222160c736987c90b7c5edff
SSDEEP

12288:1nLbqcD+ELpm/yQkzGhNuJKQEKZm+jWodEEVL5Jlv:1z+ELpm/yFLJKQEKZm+jWodEEF5Jh

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3080	2180	WerFault.exe	47

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\“护航亚运”网络安全专项整治行动方案\msvcp140d.dll,#1
1⤵
PID:2180
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2180 -s 340
  2⤵
  - Program crash
  PID:3080

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 360 -p 2180 -ip 2180
1⤵
PID:1904