3a8bef698747cec862999b7a02906e3a1ce3c8a71bee27af317dd50b08fecd0f

Analysis

max time kernel
119s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
03/07/2024, 04:35

Target

3a8bef698747cec862999b7a02906e3a1ce3c8a71bee27af317dd50b08fecd0f.dll
Size

328KB
MD5

bc1124e581e879f45dffbc31b4d0c5b0
SHA1

889d4a3dfb7db42b61324517fc4e17c9cc61eb9d
SHA256

3a8bef698747cec862999b7a02906e3a1ce3c8a71bee27af317dd50b08fecd0f
SHA512

d135b82a802ab76a7be64aa017433722390e936940a0e9be31a18277ec278b9fee16f834d465e50b426378043b7996faa28923fa3d4e8fa3ab5a8c3053793b97
SSDEEP

6144:nzpmsLrHzbQnHqXt+YmgtN8XNVV6/9i4x4dNJ3xEoQAP65m/:9rQHqXEYmgsVV6/w4xONJ3Ko5Cm

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2120	2424	WerFault.exe	28

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2436 wrote to memory of 2424	2436	rundll32.exe	28
PID 2424 wrote to memory of 2120	2424	rundll32.exe	29
PID 2424 wrote to memory of 2120	2424	rundll32.exe	29
PID 2424 wrote to memory of 2120	2424	rundll32.exe	29
PID 2424 wrote to memory of 2120	2424	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a8bef698747cec862999b7a02906e3a1ce3c8a71bee27af317dd50b08fecd0f.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2436
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a8bef698747cec862999b7a02906e3a1ce3c8a71bee27af317dd50b08fecd0f.dll,#1
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2424
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2424 -s 244
    3⤵
    - Program crash
    PID:2120