Overview

overview

10

Static

static

10

c3dfcd55ea...b6.dll

windows7-x64

10

c3dfcd55ea...b6.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240319-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-04-2024 14:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c3dfcd55ea3b621537c1d7170212249d3d12f96a08d0e5c2ed1d4f0cf6036eb6.dll

  • Size

    285KB

  • MD5

    3bb71cef8a643cf00aef4ed04a599b12

  • SHA1

    bf8a77be54fffaca0775b2947e29b46959c010b9

  • SHA256

    c3dfcd55ea3b621537c1d7170212249d3d12f96a08d0e5c2ed1d4f0cf6036eb6

  • SHA512

    82f48dd1f2bab3cb53f9d0127f4dc53a247e5af05a1ae7b7f6271bf1676560305df726c72bd330a387edba86714bfe45b65029720b4faeaf1a10a905fe617a9e

  • SSDEEP

    6144:Rpb77NuFerqK7RcRYkcrY4MCIt07iPlvU0jVI8:fNuFe+MnES76U0jVI8

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c3dfcd55ea3b621537c1d7170212249d3d12f96a08d0e5c2ed1d4f0cf6036eb6.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\c3dfcd55ea3b621537c1d7170212249d3d12f96a08d0e5c2ed1d4f0cf6036eb6.dll,#1
      2⤵
        PID:468
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 468 -s 600
          3⤵
          • Program crash
          PID:1224
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 468 -ip 468
      1⤵
        PID:2988
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4056 --field-trial-handle=2264,i,7994609493164365963,13212734413040148104,262144 --variations-seed-version /prefetch:8
        1⤵
          PID:1872

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads