Analysis
-
max time kernel
116s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
10/04/2024, 14:49
General
-
Target
ed8e06bb9e8771fd06090f44cc15e3ab5a78a6ee7482779db8d36728ceaaa0ab.dll
-
Size
105KB
-
MD5
433cba294ebc3476967aa3f3b18b713a
-
SHA1
91c585571d23bc6903a799339e060f8106b44cc4
-
SHA256
ed8e06bb9e8771fd06090f44cc15e3ab5a78a6ee7482779db8d36728ceaaa0ab
-
SHA512
2a9ebb7cb2bbce2db54eaf53b307d660c9b4b41f6422959a763910731aaa3bea6b14595357d6315affe910fb754be40d47be28c1db80991ad02bcc1924fe4274
-
SSDEEP
3072:3GNvodOaYsPXmRBZ0pIAuGtTBfh61PsR:2CGsUT5AuGtTBpSw
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ed8e06bb9e8771fd06090f44cc15e3ab5a78a6ee7482779db8d36728ceaaa0ab.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ed8e06bb9e8771fd06090f44cc15e3ab5a78a6ee7482779db8d36728ceaaa0ab.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1724 -s 6403⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1724 -ip 17241⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3928 --field-trial-handle=2232,i,11267738607351977302,107266978269557304,262144 --variations-seed-version /prefetch:81⤵