d770a2432391e6d4d69f9acd4ec55ea09a2831ce3027a043e40aaa513b3f1065 | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows10_x64
resource
win10
submitted
07-07-2020 05:47

Sharing

Report Analysis Logs

General

Target

SecuriteInfo.com.Variant.Mikey.113443.27435.3986.dll
Size

59KB
MD5

88a05cd8454c17e7a22d1ce8781dabdf
SHA1

85398204578c05e3d45262cb84c1feb2795fa889
SHA256

d770a2432391e6d4d69f9acd4ec55ea09a2831ce3027a043e40aaa513b3f1065
SHA512

3cbf548b1657d2db966d96974400a2a267539659f0f543a334bee7a6e0c71f0fe43fcc491d0b6de46f5a7548f3ab904b0f0eec90b24bfe8f2e376df621f0203d

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 3612 wrote to memory of 3704	3612	rundll32.exe	rundll32.exe
PID 3612 wrote to memory of 3704	3612	rundll32.exe	rundll32.exe
PID 3612 wrote to memory of 3704	3612	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Mikey.113443.27435.3986.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3612

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Mikey.113443.27435.3986.dll,#1
2⤵
PID:3704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3704-0-0x0000000000000000-mapping.dmp

Download