Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
01-07-2024 13:38
General
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
10e8921a6e7f6a74671b07dc3bde626f
-
SHA1
b7961066600ef193c5319dbeed3673dc60110a50
-
SHA256
c85142f86e1ec02f7ef8d5ba31b22031de3de9a16bce519d5482b824afb277eb
-
SHA512
4c19a7e3117baeec3f6a7f9a33cfab392255741137406db87fe5ac24def7f9a28b2ed0fc26f0f46c5d43ba1bb6675dea74410a797bfd265e38812b042460aa00
-
SSDEEP
192:Q9rQDenC9VrcK7REgSWOprANupQYLRszDDH/d9CWlXo7U6Wxf:QJQEaVAK7R9SfpjpQYLRszfH/d9CWB1j
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#12⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3068 -s 2203⤵
- Program crash