Analysis
max time kernel: 120s
max time network: 134s
platform: windows7_x64
resource: win7-20230831-en
resource tags: arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
submitted: 16-10-2023 17:02
Behavioral task: behavioral1
Sample: 1260-2-0x0000000180000000-0x0000000180009000-memory.dll
Resource: win7-20230831-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 1260-2-0x0000000180000000-0x0000000180009000-memory.dll
Resource: win10v2004-20230915-en
0 signatures
150 seconds
General
Target: 1260-2-0x0000000180000000-0x0000000180009000-memory.dll
Size: 36KB
MD5: cb47eb752e97291d3d735347fe4724b3
SHA1: 6de89d2597346667d344d8a7a62d03a110a36838
SHA256: f0dcf956489bfb9189433169cc3b69d5ee0670b15ed63c5e1a14c9d5deca7543
SHA512: f5d9f06dfedbc5a47254151313fe22281843884ced1adc74025024eda62b09ae18ac1044aac405c504a8d5eb906957888c96d1964a39fbd56a591422c5792593
SSDEEP: 384:s5Jxayczq7Yjt9lfle9s6PLeizK6kYGi8:s5DHYeIlfle9HDIi
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 1368 wrote to memory of 2820 | 1368 | rundll32.exe | WerFault.exe
PID 1368 wrote to memory of 2820 | 1368 | rundll32.exe | WerFault.exe
PID 1368 wrote to memory of 2820 | 1368 | rundll32.exe | WerFault.exe