96696d9c34dc08813fb92d636f7d0e31755844f320ececaa0de07a0ccd694a83

Resubmissions

10-05-2024 00:32

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-05-2024 00:32

Target

Solara V2.0/runtimes/win-x86/native/WebView2Loader.dll
Size

107KB
MD5

e2a10346ba7b74f8c79afc419ed470d5
SHA1

3ced830ffa621ce122169433b224c3df7fed0f3f
SHA256

79885ef79591964477c09afd51c4f1981a4904601c23247975b9f84cb5d7b84b
SHA512

da58cba7be5bd12048cdd4f31d2835b8db5bbe93ea178941ff1af4cd6712175a0aab2945415d016648399838d80e6e33215d12a25867a4b0102356230ba22803
SSDEEP

3072:XXKaNm8sCEvfpFVUKbiDUuP7ANt+/NvcD/EtK9nsnRj81:X6ac8sCiXbiguP7n8EtSnIRQ1

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28
PID 2212 wrote to memory of 2252	2212	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Solara V2.0\runtimes\win-x86\native\WebView2Loader.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Solara V2.0\runtimes\win-x86\native\WebView2Loader.dll",#1
  2⤵
  PID:2252