Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
31-03-2024 10:30
General
-
Target
$PLUGINSDIR/ukczapxqnn.dll
-
Size
106KB
-
MD5
5a0549e4b724e46317ac8d0ff1f0aefe
-
SHA1
0d05ea79d334c8c44c8375367442325072532473
-
SHA256
0def082d0bbe804cfa3f70e3bc79cf1d97507506481f41f0f1761fb9a90e7ac1
-
SHA512
10ab45a6c0e71e3544176c2165fa4189825720434ee21924ea86d077eb929e07e38ddb2506e2d4006a4c1c88cf21dca31b80f8a1ca6793a748a7b420f7784e50
-
SSDEEP
1536:h0FgGACxpzur6su09gEmzVl4sNUEhzAIeCzvFa/HpRYB/I3Wklf9ncobUfsHEZ5F:2FgGAAuRQj4PERgpxlfrrO3A
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\ukczapxqnn.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\ukczapxqnn.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2184 -s 2923⤵
- Program crash
-
-