cb3657bddc2118bc0d73d817c9499154cbdd097470054d26fe568c127d6193eb

Analysis

max time kernel
141s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/01/2024, 13:12 UTC

Target

74c88f30280de04cf1e7ce6375c4d33f.dll
Size

13.4MB
MD5

74c88f30280de04cf1e7ce6375c4d33f
SHA1

5d6ee01cbe034484af7f2418a3179647af882bfc
SHA256

cb3657bddc2118bc0d73d817c9499154cbdd097470054d26fe568c127d6193eb
SHA512

b6bcf99be9f284db79a92145a01e6ff66d4984e15755c3a69ca5af8dfb7ea0e430beb8dc42b940307dd83a4e114f2dcb907a70970ac9ad4fde8cc94330f3848b
SSDEEP

98304:zCu7+6hz/eV7IXfpn3x5WAoftY1ncs4ygfXbU:Z+612Buhz7oftY945XbU

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2056	1988	WerFault.exe	28

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 2444 wrote to memory of 1988	2444	rundll32.exe	28
PID 1988 wrote to memory of 2056	1988	rundll32.exe	29
PID 1988 wrote to memory of 2056	1988	rundll32.exe	29
PID 1988 wrote to memory of 2056	1988	rundll32.exe	29
PID 1988 wrote to memory of 2056	1988	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74c88f30280de04cf1e7ce6375c4d33f.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\74c88f30280de04cf1e7ce6375c4d33f.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1988
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1988 -s 340
    3⤵
    - Program crash
    PID:2056

memory/1988-0-0x00000000022B0000-0x000000000301C000-memory.dmp

Filesize
13.4MB

Download
memory/1988-2-0x00000000022B0000-0x000000000301C000-memory.dmp

Filesize
13.4MB

Download