Analysis
-
max time kernel
14s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
21-11-2024 16:15
General
-
Target
cr.dll
-
Size
5.7MB
-
MD5
2a53c7f50b074db464f7dacfcbad3be8
-
SHA1
37061b97ecf311c6165832293f55928fc31dd0c4
-
SHA256
ee5c5dd1aee927a6bcb8e390a0d2c5adcda66da5ec9e7d41b22014dd3181e793
-
SHA512
2384285ebbcc43a409f4cbec20e7e129502804683b1274d1a087e83289523fa9ba6b74243eaa96bd051fb072e16facc5bbbffde818aaa2857cd66463c43199b2
-
SSDEEP
98304:Mvl890Fp9GavfikQQd0aR+AGEAyhjSOwTZL5JLaKl4b9t8ckijA1BsF6Pe6M1N2N:Mvl890FGifikQQd0aR+AGEAyhjSOwTZV
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\cr.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\cr.dll,#12⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2768 -s 2843⤵
- Program crash
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.8MB