Overview

overview

7

Static

static

7

7b846b8b6f...84.dll

windows7-x64

1

7b846b8b6f...84.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2024, 23:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7b846b8b6f7cde6405419fe3bea3b784.dll

  • Size

    72KB

  • MD5

    7b846b8b6f7cde6405419fe3bea3b784

  • SHA1

    52bceecb395dbde35212154074a34d580bf03fbe

  • SHA256

    bc51be3c3bce15cbd7e2945428f87f445365b92a4d5c3010ee72a840a9cec64c

  • SHA512

    14f89b9f49043cba340886ab42d20a56e65020a790a3e9c886f194ff062ad925f62c12c7e7e26a2c525fdd46fccdb2a3ff4b27b987eebcde09681b0a63ba015d

  • SSDEEP

    1536:19H/oOFtVasmpQMNE9WNdx6MiEMekVswACG8VBFz2bW+jnouy8sA:/fr3VasCkWnlcPFqa+boutsA

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7b846b8b6f7cde6405419fe3bea3b784.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3164
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\7b846b8b6f7cde6405419fe3bea3b784.dll,#1
      2⤵
        PID:4604
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4604 -s 568
          3⤵
          • Program crash
          PID:652
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 4604 -ip 4604
      1⤵
        PID:1512

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/4604-0-0x0000000010000000-0x0000000010026000-memory.dmp

              Filesize

              152KB

              Download