898469d7ea89a6c106c1aceb314930cd270e3f916ad725a83c04fca829b5b5a8 | Triage

Analysis

max time kernel
117s
max time network
124s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 20:54

Sharing

Report Analysis Logs

General

Target

zlibwapi.dll
Size

138KB
MD5

54789344b07bed58e43851eca47e2b12
SHA1

93c561365bc7f1cbb5385d0323ed81044a6ec276
SHA256

9f8729ac49e0ccea86fe3b1a9b2c3fae9986ecd09db92853e7a588dbda85bf90
SHA512

54d4af3de4b12ff8f25a4596cdb97bb32fd739217f99849bdebe5ca92d801cb5564d4407193bcbfaf8118e5d3391543a80ff08371e28c35c2c091d9ff90a3692
SSDEEP

3072:rjdSKCC+FzNehv8Rqiq9+yVojaylvjTBfxvA:rjdS8czEuqFVojzlvjTBJ

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1936	1520	WerFault.exe	28

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 2192 wrote to memory of 1520	2192	rundll32.exe	28
PID 1520 wrote to memory of 1936	1520	rundll32.exe	29
PID 1520 wrote to memory of 1936	1520	rundll32.exe	29
PID 1520 wrote to memory of 1936	1520	rundll32.exe	29
PID 1520 wrote to memory of 1936	1520	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\zlibwapi.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\zlibwapi.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1520
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1520 -s 224
    3⤵
    - Program crash
    PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads