Analysis
-
max time kernel
137s -
max time network
51s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
30-05-2020 09:13
Static task
static1
Behavioral task
behavioral1
Sample
5781.dll.exe
Resource
win7v200430
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
5781.dll.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
5781.dll.exe
-
Size
1.1MB
-
MD5
3b14b098bd1f2f321add748d56d76604
-
SHA1
e059a7fd05405f30c76129bd6c1584e8a59d57cb
-
SHA256
c32c1bbae041ead274ca21f8d2ca3855262ec85bf8acf128673723a13af3759b
-
SHA512
3a9e7e3f928d9cac383a649d59bf4ee97b57029c09801720da96ba50f5bb96c6c4d4cdf8ce157882b52ee552c9ad34c5bfe9c84e3d844ed6a0fbd7aebb9f1b13
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes:
5781.dll.exedescription pid process target process PID 796 wrote to memory of 392 796 5781.dll.exe cmd.exe PID 796 wrote to memory of 392 796 5781.dll.exe cmd.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\5781.dll.exe"C:\Users\Admin\AppData\Local\Temp\5781.dll.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\5781.dll.exe --nofork2⤵
-
C:\Users\Admin\AppData\Local\Temp\5781.dll.exeC:\Users\Admin\AppData\Local\Temp\5781.dll.exe --nofork3⤵