Analysis
-
max time kernel
141s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
21-05-2024 20:56
General
-
Target
0e32c4a102a6d6aa7daf78ee7b95e7c3a9a04490c778ffdea4c086d037fafda4.dll
-
Size
498KB
-
MD5
68424fe8e0f3e71ab3b0fef45da6f070
-
SHA1
f3a1cc5f085fcba5a9de34c24fca61f92cab9946
-
SHA256
0e32c4a102a6d6aa7daf78ee7b95e7c3a9a04490c778ffdea4c086d037fafda4
-
SHA512
3a997b22c402649919ba81225b9cad502809a13424e517c16d61d819c6432aef4fbfd2061365594da78e34c26f1eeb2ca8b1876be1379a1cb7bf2a7c9d194582
-
SSDEEP
12288:xFG4+ezgc8VwxDnBAHj1Oue6CjA8SraLH10F2oKbRtqfDa+BTT4qx9lU:UHj1Ou7d8S4H1ttqfDa+RT4qx9l
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e32c4a102a6d6aa7daf78ee7b95e7c3a9a04490c778ffdea4c086d037fafda4.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e32c4a102a6d6aa7daf78ee7b95e7c3a9a04490c778ffdea4c086d037fafda4.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3308 -s 6363⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3308 -ip 33081⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3984 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:81⤵