Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    05-08-2024 21:31

General

  • Target

    S0laradD/locales/resources/app.asar.unpacked/node_modules/vibrancy-win/binding.dll

  • Size

    118KB

  • MD5

    6c12c930f974e5bc7872b58964f42359

  • SHA1

    805c5c899c32535d2ee8b2bc12deefe5fdaae566

  • SHA256

    094bfeb0692885f1e56bb363e1065099eab48a7988c8603fd6a3fb49ec88b09c

  • SHA512

    f46c416e3f33e0526c2d4cb3df738f7c9b11fece350b90ca9613e5d86bae7a363dd20b80d62f5745a9d51773b655199537b09fcf47acf226f35002f39f1596d3

  • SSDEEP

    3072:/WKjx2yp1tLqA1HB4kdeRqGmX5EMMi6leGS:3xBPVf1HB4kER4UFhS

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\S0laradD\locales\resources\app.asar.unpacked\node_modules\vibrancy-win\binding.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2296 -s 156
        PID:2228

Network

MITRE ATT&CK Matrix
