Analysis
-
max time kernel
141s -
max time network
144s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
12/03/2024, 12:24
General
-
Target
1176-55-0x0000000000180000-0x000000000018E000-memory.dll
-
Size
56KB
-
MD5
592035f21b021ece347aa4583bbe8f8f
-
SHA1
c0ef6fd0964489e9a8174e13233df026fbd1aaa0
-
SHA256
77f47300b9a3200911357446fcca87c60bbe1ed790c3f0e5b5da775164f67a2c
-
SHA512
7456247967fe1cb79d11defdc8631677c10f0aac0a93d783d8eeb49a822bede50ffed7994ce7361caadbebc7944d020da7e0d4f893958f8524538ac53c451b20
-
SSDEEP
1536:wi6qeSQiSCPALw/g8yH/cgownoJyCVDxGyxE2:6qeSjVPZ/fyH/TowosYGy
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\1176-55-0x0000000000180000-0x000000000018E000-memory.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\1176-55-0x0000000000180000-0x000000000018E000-memory.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 872 -s 5603⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 872 -ip 8721⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4008 --field-trial-handle=3044,i,17059189006398306756,4247826696353232857,262144 --variations-seed-version /prefetch:81⤵