Analysis
max time kernel: 92s
max time network: 93s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09-06-2024 03:38
Behavioral task: behavioral1
Sample: 54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c.dll
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c.dll
Resource: win10v2004-20240426-en
General
Target: 54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c.dll
Size: 218KB
MD5: 101d7df34f8b27cfdf6dc660fd0d1609
SHA1: 726e0f71e6741dbcb48a0ab5bf0f82a98b248dce
SHA256: 54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c
SHA512: b0d708c4c58cbfb071324a9fbdb0c8f5593dc05d3f073c3dcbef00772d5f38282f9f456819009c2628e330966659ba426612a9b2fff3885fe477374a68c6ff3a
SSDEEP: 3072:MfyTFpXSc43UtiD8Umh8I6lk0bF+EjJeNDU2a7i78nifiRjdUz5Zp/BS:MfsD4ktiD8UI8I66C+6AsXnifujkz
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid    pid_target    process         target process
2956   1668          WerFault.exe    rundll32.exe
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description                         pid    process         target process
PID 4484 wrote to memory of 1668    4484   rundll32.exe    rundll32.exe
PID 4484 wrote to memory of 1668    4484   rundll32.exe    rundll32.exe
PID 4484 wrote to memory of 1668    4484   rundll32.exe    rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c.dll,#1
- Suspicious use of WriteProcessMemory
PID: 4484
    C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\54e0793cdade34f290485e001561de6e80a81b7ffc5ff94b0e2b67fdf6e20f9c.dll,#1
    PID: 1668
        C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1668 -s 636
        - Program crash
        PID: 2956
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1668 -ip 1668
PID: 4320