Analysis
max time kernel: 40s
max time network: 52s
platform: windows7_x64
resource: win7v200430
submitted: 07-07-2020 19:23
Static task: static1

Behavioral task: behavioral1
Sample: update.dll
Resource: win7v200430, windows7_x64
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: update.dll
Resource: win10, windows10_x64
0 signatures, 0 seconds
General
Target: update.dll
Size: 384KB
MD5: 4df3128d3db0f609767ca8e733de8f03
SHA1: 0b4d3667cdc2da2f93398a576c98f70ef960568d
SHA256: 99d62f68414740eb9e6c2719cf22d67e5f5f4cb3fe0a4be34e7438d826844ff5
SHA512: b4ade66aad0627fa9e45b420baacd2846ceeb49512d95ce1c4ae68178daea877da99ed0503ea29cd652836f055e4cff8a8c35d229e80ba12813bf989f39f5065
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description                        pid    process        target process
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe
PID 1388 wrote to memory of 1424   1388   rundll32.exe   rundll32.exe