Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
31-01-2024 12:29
General
-
Target
True2ScanCore.dll
-
Size
212KB
-
MD5
7c360237b662d26a7b93f16116d46cee
-
SHA1
ba193f555358b2ad804d2a3d62542db24f408d1c
-
SHA256
df0c76f765f91803df2122dc9a3dec9144c53edddfa23e763e19c6b3719a8cbb
-
SHA512
afce501b57b83fe40390ca13a2332816f3ab549c3f0903235ac5b60befbefdd4e2fa1480311007d92e8556e0a6c6ca9519e1a8c2065af1d818bf9ef95255cb4c
-
SSDEEP
3072:5QWFdWhevzQsYfbA53a/swuzlbTm6XhefBBubeNYfy+se0HrBSs9uh3evESliGJ5:qWDIgsM9aWbDXtihFeqrBSQe3LGrUr
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\True2ScanCore.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2248 -s 2282⤵
- Program crash
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\True2ScanCore.dll,#11⤵
- Suspicious use of WriteProcessMemory