Analysis
max time kernel: 117s
max time network: 119s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 13-03-2024 17:53
Behavioral task: behavioral1
Sample: 2104-54-0x000000006D7C0000-0x000000006D819000-memory.dll
Resource: win7-20240221-en, windows7-x64
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 2104-54-0x000000006D7C0000-0x000000006D819000-memory.dll
Resource: win10v2004-20240226-en, windows10-2004-x64
0 signatures
150 seconds
General
Target: 2104-54-0x000000006D7C0000-0x000000006D819000-memory.dll
Size: 356KB
MD5: 32ebc1a5a8dfecfc8323ecc0925f3870
SHA1: 2b5da302e01ae4669d9ed0405089fe23f599b797
SHA256: e41ad463d4aabd0c5b9d977341fd9db9bbf92868677d644801b24d2d3be1800b
SHA512: cd1937344a30846fa0d9b201e0e0d5c56a062161af31fb0418344e1ab66d18ed2ad8635cce6f81456b8077ab01e2de7c2d2e77b91776023159a2fa53a440a6de
SSDEEP: 3072:5CQ6ZN8FG/rNlYsfqJCIPCB5OlbbOcDYa0AL5GQ1FcIEHkyPEbI0gab96BJLbb7x:4QsNrcNCALiC7bgJXb7iJj8qhp/BTKL
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2016 wrote to memory of 2744 | 2016 | rundll32.exe | WerFault.exe
PID 2016 wrote to memory of 2744 | 2016 | rundll32.exe | WerFault.exe
PID 2016 wrote to memory of 2744 | 2016 | rundll32.exe | WerFault.exe