Analysis
- max time kernel: 129s
- max time network: 23s
- platform: windows7_x64
- resource: win7v200430
- submitted: 30-05-2020 09:13
Static task
static1
Behavioral task
behavioral1
- Sample: 5781.dll.exe
- Resource: win7v200430, windows7_x64
- 0 signatures
- 0 seconds
Behavioral task
behavioral2
- Sample: 5781.dll.exe
- Resource: win10v200430, windows10_x64
- 0 signatures
- 0 seconds
General
- Target: 5781.dll.exe
- Size: 1.1MB
- MD5: 3b14b098bd1f2f321add748d56d76604
- SHA1: e059a7fd05405f30c76129bd6c1584e8a59d57cb
- SHA256: c32c1bbae041ead274ca21f8d2ca3855262ec85bf8acf128673723a13af3759b
- SHA512: 3a9e7e3f928d9cac383a649d59bf4ee97b57029c09801720da96ba50f5bb96c6c4d4cdf8ce157882b52ee552c9ad34c5bfe9c84e3d844ed6a0fbd7aebb9f1b13
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: 5781.dll.exe

  | description | pid | process | target process |
  | --- | --- | --- | --- |
  | PID 376 wrote to memory of 1068 | 376 | 5781.dll.exe | cmd.exe |
  | PID 376 wrote to memory of 1068 | 376 | 5781.dll.exe | cmd.exe |
  | PID 376 wrote to memory of 1068 | 376 | 5781.dll.exe | cmd.exe |
Processes
- C:\Users\Admin\AppData\Local\Temp\5781.dll.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\5781.dll.exe"
  - Suspicious use of WriteProcessMemory
  - C:\Windows\system32\cmd.exe
    Command line: C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\5781.dll.exe --nofork
    - C:\Users\Admin\AppData\Local\Temp\5781.dll.exe
      Command line: C:\Users\Admin\AppData\Local\Temp\5781.dll.exe --nofork