Analysis
max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
02-03-2024 22:27
Behavioral task
behavioral1
Sample
1324-67-0x0000000000120000-0x0000000000129000-memory.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1324-67-0x0000000000120000-0x0000000000129000-memory.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
Target
1324-67-0x0000000000120000-0x0000000000129000-memory.dll
Size
36KB
MD5
b93afbaf0bfb03ae3cfb915f7b5be8f0
SHA1
d6a03db1c6608d5077ec2bc6659f580f60fabb57
SHA256
a571c1fdbdf3e7f2716b5e3ce4e504425ed67d7564116fd4921a0b8ff7208181
SHA512
def5bac78c8dc5de2e73b362d11fda34de0beaab64062605df2e5f46a277aca7efb69ded531876fd8e1ced17cb13a843dfba6b813297580c2987e00436bd6f0d
SSDEEP
192:6P+nM5KC/zxayGc3gzq7YjDaqzJCueT+RfbZne9s6PLOWywP0tkYGijY:s5Jxayczq7Yjt9lfle9s6PLfv6kYGi8
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 2196 wrote to memory of 2264 | 2196 | rundll32.exe | WerFault.exe
PID 2196 wrote to memory of 2264 | 2196 | rundll32.exe | WerFault.exe
PID 2196 wrote to memory of 2264 | 2196 | rundll32.exe | WerFault.exe