Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-06-2024 23:22

General

  • Target

    7bcff4035a9298f16f2253151884cc96a62a8001b135e8c231819b098459a9ca.dll

  • Size

    636KB

  • MD5

    f9555f1a60106a41b9f527bf86bf2842

  • SHA1

    2cd758947132a2208101e86fac9478fce610813f

  • SHA256

    7bcff4035a9298f16f2253151884cc96a62a8001b135e8c231819b098459a9ca

  • SHA512

    6f84708b1f9f8743f01e3a6a81f254988c2fc83c6ca33336a7a139e8a349f7a77182290038fafaff2fa3057f2e2fb5f09d53fc874985d242501471af5cd3fbce

  • SSDEEP

    6144:t87P/lGV9CrDE0UXLBdcbns5HKFygjCBGUhoO4jsRiljfNtoS9YiUyx1NKOEqcYt:t8DlGV4rDE0UXLUb8gjCBGXRNthbD1c

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7bcff4035a9298f16f2253151884cc96a62a8001b135e8c231819b098459a9ca.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2932 -s 120
      2⤵
        PID:3024

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads