35debf3579e156118488c443fbb503f2dc5f65671bab790c15c923da53dbbdf6

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18/03/2024, 14:44

Target

C.C.A HooK V2.0 For Private/CCA-Hook.dll
Size

324KB
MD5

4e95782cd6ec684502ba2b90995078b6
SHA1

d568b868f15b12aaf3b25399b335fd2d894421f7
SHA256

0fcfa6aa698a45d649dcd490a834499ce0e4c75786320c0188c6fed8cb1161a7
SHA512

bb5e03fa65b41c53434c38c1083edf2f903ca2586ea532dbd4c061a59bc68dffe6e7446b5e452d8b4647d976896991b1200ac3989610e0e78a70e1ccc99891c1
SSDEEP

6144:1SFgrgMxZWgG9mO0252Mp9DqchHxnTUWQekcB1CCz:18wVtD252MpfhHxnRQeH1t

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1656	2288	WerFault.exe	28

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2240 wrote to memory of 2288	2240	rundll32.exe	28
PID 2288 wrote to memory of 1656	2288	rundll32.exe	29
PID 2288 wrote to memory of 1656	2288	rundll32.exe	29
PID 2288 wrote to memory of 1656	2288	rundll32.exe	29
PID 2288 wrote to memory of 1656	2288	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\C.C.A HooK V2.0 For Private\CCA-Hook.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\C.C.A HooK V2.0 For Private\CCA-Hook.dll",#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2288
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2288 -s 252
    3⤵
    - Program crash
    PID:1656