57282b36959ed21586025684fecbef94ccfc9b779d4d2b5432a860b22ba55df5 | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
13/03/2024, 17:00

Sharing

Report Analysis Logs

General

Target

Protein.4.2.dll
Size

5KB
MD5

ee5a2cbef1e99a5ab1102fcb84d0fda1
SHA1

b0873834bb1e5773daf6c67ac6095e453909829c
SHA256

57282b36959ed21586025684fecbef94ccfc9b779d4d2b5432a860b22ba55df5
SHA512

f5a666697d368e3a78f3c1a1b7df26b5f4a6fe89e714ed04ef41c4270095ce508dfac74a34ffbd780d4f7545b39b9eee17b222aea83e7799f1ec7394f29293a8
SSDEEP

96:9DwcNHP12D+/9LmH6kjhiyhiO2Kt4t2HvPxT3Ag:9Dwcdp9LmH6QrcO7t4tCvPxTwg

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2192	2868	WerFault.exe	28

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 1888 wrote to memory of 2868	1888	rundll32.exe	28
PID 2868 wrote to memory of 2192	2868	rundll32.exe	29
PID 2868 wrote to memory of 2192	2868	rundll32.exe	29
PID 2868 wrote to memory of 2192	2868	rundll32.exe	29
PID 2868 wrote to memory of 2192	2868	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Protein.4.2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1888
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\Protein.4.2.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2868
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2868 -s 228
    3⤵
    - Program crash
    PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads