e291a146f79d927d18392a04d238d829c0df156410e4d93636aee1b5663db914 | Triage

Analysis

max time kernel
141s
max time network
56s
platform
windows10_x64
resource
win10v200430
submitted
07/07/2020, 07:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

vetu.bin.dll
Size

345KB
MD5

27fe3cb424c1711ea61eb712850bda93
SHA1

5860c128f896b7744d5c8fe148b822395c970bac
SHA256

e291a146f79d927d18392a04d238d829c0df156410e4d93636aee1b5663db914
SHA512

18f15bbb7084dc976eb25b1b3fb2543c1ae1843ed76f3efa282470c5fcd6753a7512d3bc42bbf4a64267994bcba1016f0c2423c47f3b60e201f02b67a04448fc

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4004 wrote to memory of 2000	4004	rundll32.exe	66
PID 4004 wrote to memory of 2000	4004	rundll32.exe	66
PID 4004 wrote to memory of 2000	4004	rundll32.exe	66

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\vetu.bin.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4004
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\vetu.bin.dll,#1
  2⤵
  PID:2000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads