Analysis
-
max time kernel
148s -
max time network
169s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
30/12/2023, 01:12
General
-
Target
09ac10fe6bce784c88ad27c4ef8aff43.dll
-
Size
37KB
-
MD5
09ac10fe6bce784c88ad27c4ef8aff43
-
SHA1
f52f786be9c6ac777f465e3d33a342011a0bdcba
-
SHA256
c01c8d17b9e83314cfe7acf87d31b8aef6503500bc07f831e48f78706522246d
-
SHA512
23dedeace94f75770d7f2a3861b44401b4ae46f8a0077bc816a3c3162ef322371a56f626982abb6958e3941a7c7140b644a9f0dd7fbb0ff72dfba7047f0154ac
-
SSDEEP
768:wy0qJQRvLCr6bWDWAxcHQDkavRIqi3NLExx:H0qJQhLTg7cirIqCqx
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\09ac10fe6bce784c88ad27c4ef8aff43.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\09ac10fe6bce784c88ad27c4ef8aff43.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1544 -s 6283⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1544 -s 6283⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 180 -p 1544 -ip 15441⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
60KB