1d131f31226e92a166a193f45130347be036669051c9d31e2e79d863e4a75fad | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
06/08/2024, 18:32

Sharing

Report Analysis Logs

General

Target

7z/7z.dll
Size

1.7MB
MD5

bbf51226a8670475f283a2d57460d46c
SHA1

6388883ced0ce14ede20c7798338673ff8d6204a
SHA256

73578f14d50f747efa82527a503f1ad542f9db170e2901eddb54d6bce93fc00e
SHA512

f68eb9c4ba0d923082107cff2f0e7f78e80be243b9d92cfab7298f59461fcca2c5c944d4577f161f11a2011c0958a3c32896eba4f0e89cd9f8aed97ab5bc74f9
SSDEEP

24576:fznngr4eig/HxkaoDFITvg9iLXYgIcjWBzb139EOapmYp:fz64gxnoRGI9MXFrjWLNEOapmYp

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 2764	2136	rundll32.exe	31
PID 2136 wrote to memory of 2764	2136	rundll32.exe	31
PID 2136 wrote to memory of 2764	2136	rundll32.exe	31

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7z\7z.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2136 -s 120
  2⤵
  PID:2764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads