074e3ffd30b58cb5a3bf92776fe89ddf82a5e48cf1aa6bbf43a9790b3df1b5a3

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
18/02/2024, 16:23

Target

Bin/MediaDecoders.WindowsDesktop.dll
Size

907KB
MD5

b6f11dc9427edc92051721f812ee754b
SHA1

572cf3e7bf92945d60729f6782ff27e746d361c7
SHA256

0296c5f58b962ebed9c5df5955749d1146a6af3e61bde46d7d16a26e997dd908
SHA512

658b9f87396533c282caaaa0d304b618592de038763064634da6f00495cef07b1be9bccd86e4f9f49984e8ec571918f4875d97ce20d2f2a955ecc3b7041f6aa2
SSDEEP

12288:GD0v+cnalwkGAzvQecng7RXBXS0rqKwiyGSwwHwxit0:U0v+r57RxXS0rqKwiNSwwgit

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 952 wrote to memory of 2216	952	rundll32.exe	28
PID 952 wrote to memory of 2216	952	rundll32.exe	28
PID 952 wrote to memory of 2216	952	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Bin\MediaDecoders.WindowsDesktop.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:952
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 952 -s 80
  2⤵
  PID:2216