Overview

overview

10

Static

static

10

264-455-0x...ry.dll

windows7-x64

1

264-455-0x...ry.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10-10-2023 22:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    264-455-0x00000000033B0000-0x00000000034E1000-memory.dll

  • Size

    1.2MB

  • MD5

    1c32f1a8c180cfcdf398769a6e1f2b5f

  • SHA1

    12cacd7a908b839487be190f591999b02c4867ab

  • SHA256

    abf1cf1b906aed92d1fcacf6837ec5bf70c93b2f63c6dd8290922d08b1e66925

  • SHA512

    ae78c5265c07b5d7ebefae7ee4a0c729fa5062242ea5c892f7439cd3867d11b890790be5add1d659871d328cd2e2c57b151b09c5b4e2bee3da09da7572f2d4fd

  • SSDEEP

    24576:3C7CI9TZDEWk1wCy0zaG9cQAK1ftxmbfYQJZKMG9:7I99DEWVtQAKZmn0P

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\264-455-0x00000000033B0000-0x00000000034E1000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2672 -s 56
      2⤵
        PID:2056

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads