Analysis

  • max time kernel
    145s
  • max time network
    44s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/01/2024, 06:02

General

  • Target

    3c12913ceb53b32501057f6275c0cef7.dll

  • Size

    44KB

  • MD5

    3c12913ceb53b32501057f6275c0cef7

  • SHA1

    044577080bfc692bfc9bb8e337977e46bfa4ac41

  • SHA256

    faa53cea259319214ed2933d0a6151a24c5445b730fa97d34cc83586ea51a251

  • SHA512

    7b28837ef9aedf8faa3ee0cf1ee5b32a54ca4a31ac11481d2924164a8d62da1699a475d7bff3aac12baa9271dd7f7e986037a680e3339ea10d2c7abfb349f3ea

  • SSDEEP

    768:xgc3YFfLDhDoD6Cg/wjT62pJMf3o3+q/uR4Wptlb:18LtO6YjQ2YHR

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3c12913ceb53b32501057f6275c0cef7.dll,#1
    1⤵
      PID:3752
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3752 -s 628
        2⤵
        • Program crash
        PID:3232
    • C:\Windows\system32\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3c12913ceb53b32501057f6275c0cef7.dll,#1
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:4672
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3752 -ip 3752
      1⤵
        PID:5024

      Network

      MITRE ATT&CK Matrix
