Analysis

  • max time kernel
    142s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    25-01-2024 17:36

General

  • Target

    91See_QuickView/SliderAutoPlay.dll

  • Size

    180KB

  • MD5

    e9f134ace9e1fafad99d6f051f3512cb

  • SHA1

    0ec206aa285614a0181b4b4676d85941f9c070be

  • SHA256

    9b7ceb294e60175cb1ff75647b24150f192db8f8a36369995c84e4e7bc61241b

  • SHA512

    8fd0e34b26ba1d67cb85fe2ea461dfd87b9c56b97f28b29d66306f3f14453093adc0a35be1492d0e21d67e15560d6e70c4e7e24926cd23811ea5c40e423a09dc

  • SSDEEP

    3072:kW3QAC3w24r8sQT3CbTeStvuxOgfRI+NirKYKTVk:kqQAP3r8sxHeStkOguNrKY5

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\91See_QuickView\SliderAutoPlay.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:1948
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\91See_QuickView\SliderAutoPlay.dll,#1
      • Suspicious use of WriteProcessMemory
      PID:2300
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2300 -s 276
        • Program crash
        PID:2468

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2300-0-0x0000000000100000-0x0000000000113000-memory.dmp

    Filesize

    76KB

  • memory/2300-2-0x0000000060900000-0x0000000060969000-memory.dmp

    Filesize

    420KB