Overview

overview

10

Static

static

10

2e0d819a66...c5.dll

windows7-x64

3

2e0d819a66...c5.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231130-en
  • resource tags

    arch:x64arch:x86image:win7-20231130-enlocale:en-usos:windows7-x64system
  • submitted
    04-12-2023 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5.dll

  • Size

    56KB

  • MD5

    1c747e00d3ec0920c3d07e06de761e64

  • SHA1

    e89861d554ae39e238f23112c242d5334db2e6cb

  • SHA256

    2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5

  • SHA512

    510957a0f6927309fd9fe4315138e09bcdd5e1f14bd6129746cace62ac19f5b6360113c7938b6b85093065976b48d543968f5782bc21b2c20bcbd13aa399e271

  • SSDEEP

    768:A21n5lRGhic4Z1KvY2FyZWjlC/gL8MNF7yNcYNzB1BA5V53vrUZKmdbhrknZ:35lCic4Z1DUAsw/gfBWD1ybm1hiZ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2308
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1896
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1896 -s 192
        3⤵
        • Program crash
        PID:2336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads