Overview

overview

3

Static

static

3

AcSpecfc.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/05/2024, 11:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AcSpecfc.dll

  • Size

    461KB

  • MD5

    775c3b0a043bd1320fa32b48b5675f52

  • SHA1

    57d1e6e74f5004975be274f1a8c504f40e361fa6

  • SHA256

    224f0f89c9127b45e192f0b1afbabf3c6d4a03dfba6c34c9257ea1f9ea153e40

  • SHA512

    dc0903600be15ef7adb851ed47861d7eff89ba3897c2c72e8e27b127e8d4af0180ea87d60c5e97e71695bcc213d6292e359eab28a86c79207ff4520565b79205

  • SSDEEP

    6144:Q41wUGijRJ/zkq0hqjQmBF12qcax6OWeJoPT+WO6UMVLdyKfWVxD:/16ioATFQqDx6OhJoilhjD

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\AcSpecfc.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\AcSpecfc.dll,#1
      2⤵
        PID:3392
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3392 -s 716
          3⤵
          • Program crash
          PID:4636
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3392 -ip 3392
      1⤵
        PID:1744

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads