Overview

overview

8

Static

static

8

90a0498b63..._2.dll

windows7_x64

8

90a0498b63..._2.dll

windows10_x64

8

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    17-07-2020 06:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    90a0498b6351dd26caf13325fd1ab92e39dd7ba3f390ac6500602a3223b4f64d_2.dll

  • Size

    104KB

  • MD5

    f3fc5f4e79339e580707b19e8e8c7b65

  • SHA1

    2e5e8d6844fa4b91829f300766d43c0ae8d8e6c3

  • SHA256

    28ab55d5b02e319dd0e0ac3ad13e685a66ab699f880fc932a85f48bea4e425df

  • SHA512

    14601fe591fbb7b5a817c1584739330f124826abd2bf5a624b6047e7f10a1a27c56e58853c20a23eb02be45867c69616d60f3beec7e41e50b3ed7d348d38d81a

Score
8/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs
  • Blacklisted process makes network request 11 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\90a0498b6351dd26caf13325fd1ab92e39dd7ba3f390ac6500602a3223b4f64d_2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3676
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\90a0498b6351dd26caf13325fd1ab92e39dd7ba3f390ac6500602a3223b4f64d_2.dll,#1
      2⤵
      • Blacklisted process makes network request
      • Suspicious behavior: EnumeratesProcesses
      PID:3892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads