c82070a26181fc73e25bb7ec6024415e492f3b2933c93fa39a96b8c054e84eaa | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19/08/2024, 15:18

Sharing

Report Analysis Logs

General

Target

8482346cc89f2afa94527bbf328a8800N.dll
Size

41KB
MD5

8482346cc89f2afa94527bbf328a8800
SHA1

f7868d10595c17d380f3e75e6c3fce55c8c42da0
SHA256

c82070a26181fc73e25bb7ec6024415e492f3b2933c93fa39a96b8c054e84eaa
SHA512

6815d256fa66482700fff3d5e97b5a50b261b5eccdd0ac6cd9eaa963d814ff0cd7c9df9515a18887ed6961ca21feaac32addb141ba489de5c3d7f23429121945
SSDEEP

768:G9tvfQxUq1R9zZf6gElDV/Rxw9zFY3Ay9z5eX:G9tvfj2zsZpIzy3AOz4X

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2808	2360	rundll32.exe	30
PID 2360 wrote to memory of 2808	2360	rundll32.exe	30
PID 2360 wrote to memory of 2808	2360	rundll32.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8482346cc89f2afa94527bbf328a8800N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2360 -s 80
  2⤵
  PID:2808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads