4ffd4c272fd15fd56519eb09b60df2b76368283b5e51a402d7324251542279eb

Analysis

max time kernel
27s
max time network
17s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/02/2024, 03:58

Target

Mod Menu 1.3/App/libEGL.dll
Size

462KB
MD5

c05f866a57fe0eaeaea30a88e8ea4045
SHA1

30d91814eb79c6051338506b2e2f294397aaf6f5
SHA256

82737744f249882701ee5ee5b4e123bfa832d8db0ca1be5c3fe4ec6956d3c004
SHA512

976050e572fdc52f5809a9352952028cf0bed5b51463e92d81a2a70ba0beb6a5fe9c316a5a3d085c9d4f2649415625c0789265d9daca6574fc637eb03bb97b40
SSDEEP

6144:O7Za8kUX/jvtGTB0ISW4fKHlLMQs3I3gQeHzd2Mgd7McviJT1BziI:+aMX/jvtGTBDSW4yWIi5cv0ziI

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2304 wrote to memory of 2312	2304	rundll32.exe	28
PID 2304 wrote to memory of 2312	2304	rundll32.exe	28
PID 2304 wrote to memory of 2312	2304	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Mod Menu 1.3\App\libEGL.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2304
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2304 -s 80
  2⤵
  PID:2312