Analysis
max time kernel: 119s
max time network: 121s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 23-07-2024 08:15
Behavioral task: behavioral1
Sample: Rc7 - Cracked/Rc7- Cracked by Roque Exploitzz.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: Rc7 - Cracked/Rc7- Cracked by Roque Exploitzz.exe
Resource: win10v2004-20240704-en

Behavioral task: behavioral3
Sample: Rc7 - Cracked/Rc7.dll
Resource: win7-20240708-en

Behavioral task: behavioral4
Sample: Rc7 - Cracked/Rc7.dll
Resource: win10v2004-20240709-en
General
Target: Rc7 - Cracked/Rc7.dll
Size: 4.6MB
MD5: 882d31a38dbc169e51395f71f0eff5f1
SHA1: 0740b7158f86b98c45738b6b325e42a7f106fedf
SHA256: 1ca54533be8464d8a2275bf252cd619ee2c1d80f2023125b180af3aaaa8f64d6
SHA512: 6b7d80d3b26199a33c0d095e95792af88fef9a218bca853f009e4646297981f75ee54e99d54cc9b1530aa75978e8e6edd6d71386d7a20b8525690c4c13cb6c37
SSDEEP: 98304:lVQx8t9hlqVUZWNP9GJ3yL0wNHEmNL+MLOYTJh03QBEx+:lwSZ2YJ3ENNVNLJSYTj0g2x
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description                        pid   Process       procid_target
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30
PID 3028 wrote to memory of 2184   3028  rundll32.exe  30