Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    27-12-2024 01:56

General

  • Target

    Symbranchia/libgmp-10.dll

  • Size

    619KB

  • MD5

    819bc7486589d014d8fb07fa48fda00f

  • SHA1

    0875f331bc35f31f90c8c6beae587118e3c74e82

  • SHA256

    09a0f42528f124955dca1ff2905f04e8add2b490cd34d1743c175dddccfeb48a

  • SHA512

    82ba377e0b991d691508b5f2f96b69932bb6a8c77c9e6c43cab869b8986fa1daaefe703b1725af08c83158bc838560799f426726b58f6d430bc068a5882f91ed

  • SSDEEP

    6144:VqCGo2jbRSFZxZ3S9fO4yciqIJuYpvTHq7yXE/0vk5bBGslJ6NoUuUPaT1QANbr6:8Rsx8iP0/GkW/uUi6Al6G+Jh3

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Symbranchia\libgmp-10.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:856
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 856 -s 80
      2⤵
        PID:2320

    Network

    MITRE ATT&CK Matrix


    Downloads

    • memory/856-0-0x0000000074670000-0x0000000074711000-memory.dmp

      Filesize

      644KB
