Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    16-12-2024 23:22

General

  • Target

    Makala Executor/bin/libcrypto-3-x64.dll

  • Size

    4.5MB

  • MD5

    be0f6d1d60e149cedaca33a04963e05f

  • SHA1

    b686e1ed9ae47b8ae803a5d9e912b0e631bc4217

  • SHA256

    81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86

  • SHA512

    7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff

  • SSDEEP

    98304:5l+f+Kv6t8y37re39P6k1CPwDvt3uFGCC:/Cyt8yLre39yk1CPwDvt3uFGCC

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Makala Executor\bin\libcrypto-3-x64.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2016 -s 88
      2⤵
        PID:2612

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads