Overview

overview

10

Static

static

3

c5e845e2dd...c4.dll

windows7-x64

3

c5e845e2dd...c4.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c5e845e2ddf8a5f40394d7d4840c7441c0aa26ebec93020a6ac5d380a759b5c4.dll

  • Size

    276KB

  • MD5

    f2a8dba317bc319dc46f811c604057fc

  • SHA1

    d0bbcbd28021d080e5c58f60a639d410d55c5d3f

  • SHA256

    c5e845e2ddf8a5f40394d7d4840c7441c0aa26ebec93020a6ac5d380a759b5c4

  • SHA512

    0cea40e27efdaef61a4d62b08d164a93bc151953053349d14b3fd5eea3fa7806955f45aa3e33aee134fa0124a681b84834eb3deb945613da0cc9ca60a86975b8

  • SSDEEP

    6144:SzmPaTbk12Al0uZGvtdZysYpuUb5p9TwHlM823HNb:4mPaTbk1240vvt5UbTNwHPw

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c5e845e2ddf8a5f40394d7d4840c7441c0aa26ebec93020a6ac5d380a759b5c4.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2968
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\c5e845e2ddf8a5f40394d7d4840c7441c0aa26ebec93020a6ac5d380a759b5c4.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2984
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2984 -s 224
        3⤵
        • Program crash
        PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads