Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-03-2024 07:10
General
-
Target
$PLUGINSDIR/dulsmde.dll
-
Size
105KB
-
MD5
9dcfa8231f1896ca0d48d53fb116841d
-
SHA1
13f92a4af7931b2aabd918d6d3cf4589e316331b
-
SHA256
6e1d37a9909f1774db945f4427800e4d0b821fdca41598f12dba41b59fa3c901
-
SHA512
75d3a9ff265971c659444bd13fc28f90a77e0ce709a34a6c46f9ec75fd7f337df5dbf5ec74b4129890b4b724e40aa10863f6d8d7e74a747ce7c5311f97513d09
-
SSDEEP
1536:MOFgGAexpLuHJsu05OpmubCPMG9zpEENfuJSPRHKarriUCy3WklS9ncobUfs/MdL:hFgGA8uq9Bn1bJCyxlSrbMdyqWU
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\dulsmde.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\dulsmde.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2692 -s 2723⤵
- Program crash