Analysis
-
max time kernel
140s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
19-07-2024 13:39
General
-
Target
b369d88a0436d79ceaa0af48d5c41886bef01b07a55155d8a5ab678c48ab8ca2.dll
-
Size
2.5MB
-
MD5
b4b87806c60fb4d43e71994cc01b7553
-
SHA1
266ee5e717543f40b3dc2daf1f8eec751531e9c4
-
SHA256
b369d88a0436d79ceaa0af48d5c41886bef01b07a55155d8a5ab678c48ab8ca2
-
SHA512
6358c2b83e72709bd5d721e973656f15a209c08ffc1062cd07a67e3eaf8367a107c937c420849c757b6caf306514868980254759c6edb8cb6f4aaa16a72132fb
-
SSDEEP
49152:HlzNv44gxiO75Nj8sA55AcOsrPyuM3R4n6FBA:FzN3gxievAAXar6Wn63
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b369d88a0436d79ceaa0af48d5c41886bef01b07a55155d8a5ab678c48ab8ca2.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b369d88a0436d79ceaa0af48d5c41886bef01b07a55155d8a5ab678c48ab8ca2.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3972 -s 5523⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3972 -ip 39721⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.5MB