619712355ece974af81c9bd5a83ac8cda93bb469c3fe7b844f48a29b15f3c3c4

Analysis

max time kernel
23s
max time network
16s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
16/07/2024, 07:21

Target

SecuriteInfo.com.Win32.MalwareX-gen.12609.dll
Size

40KB
MD5

bb40042671916b4bbee034a775ad0cb5
SHA1

f3d971943f83a4c8385d65640c54edd9274fc3d6
SHA256

619712355ece974af81c9bd5a83ac8cda93bb469c3fe7b844f48a29b15f3c3c4
SHA512

d1a5b989ffc5d02823408a4d2d5454f1a6916d5ed2adb4aded8445e3a34a5e83746824e43e80962ae6d5fd1b26f52762e259cd8cc5b6754de07756f50356e811
SSDEEP

768:yTY7oCdxWI/zPEiw1iNofEdoFeEiPt04vHhOXlpzw6:ycdxRbPEjiN0vMhP6Uh2lpzw6

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2116	2892	WerFault.exe	30

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2164 wrote to memory of 2892	2164	rundll32.exe	30
PID 2892 wrote to memory of 2116	2892	rundll32.exe	31
PID 2892 wrote to memory of 2116	2892	rundll32.exe	31
PID 2892 wrote to memory of 2116	2892	rundll32.exe	31
PID 2892 wrote to memory of 2116	2892	rundll32.exe	31

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.MalwareX-gen.12609.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2164
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.MalwareX-gen.12609.dll,#1
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2892
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2892 -s 236
    3⤵
    - Program crash
    PID:2116

memory/2892-0-0x0000000010000000-0x0000000010006000-memory.dmp

Filesize
24KB

Download
memory/2892-1-0x0000000010000000-0x0000000010006000-memory.dmp

Filesize
24KB

Download