42063096fb0290bb4eb2e52ce45053ad0441cd03e90b743a600ec468876ff26e

Analysis

max time kernel
117s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23-07-2024 20:55

Target

42063096fb0290bb4eb2e52ce45053ad0441cd03e90b743a600ec468876ff26e.dll
Size

134KB
MD5

adeed0b2666d6e90ae9a4699e855bbf2
SHA1

97dfc9ca7fa7fc3b5190a623eae4b2e144d4223f
SHA256

42063096fb0290bb4eb2e52ce45053ad0441cd03e90b743a600ec468876ff26e
SHA512

55d50a98b9f2cd485e06c1eee7c7f50c4c6826290d634d18951da99cf3494fef4bfd462ccc4deea6d52eebeeaf744b3c17698c68b7d3171969d4d159df9e717e
SSDEEP

3072:3vlj3cLjXQXqRULknOk06I4vPbEUvmMzxaY8:3R3wYYUwnI6IUbEGB8

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 2012	2284	rundll32.exe	31
PID 2284 wrote to memory of 2012	2284	rundll32.exe	31
PID 2284 wrote to memory of 2012	2284	rundll32.exe	31

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\42063096fb0290bb4eb2e52ce45053ad0441cd03e90b743a600ec468876ff26e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2284
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2284 -s 188
  2⤵
  PID:2012