Analysis

  • max time kernel
    3s
  • max time network
    8s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    28-08-2020 13:18

General

  • Target

    693e56d27b658947e6a9d0f18803cc38b430a9f203ad91cb680e6ea1acafe40f.dll

  • Size

    12KB

  • MD5

    8d79d99a1571e751f2672d2689c37081

  • SHA1

    2b4d512d7218b97a8d1e6d8ed43b4ca9ba2b4b34

  • SHA256

    693e56d27b658947e6a9d0f18803cc38b430a9f203ad91cb680e6ea1acafe40f

  • SHA512

    6f5434bc4f16b05f3f62588109e5769b13172089993c85804a36359ea47c1a69b769d518921d110e4b52bf64444e834aec642ffb03f545eb756a01b0986debb7

Score
8/10

Malware Config

Signatures

  • Blacklisted process makes network request 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\693e56d27b658947e6a9d0f18803cc38b430a9f203ad91cb680e6ea1acafe40f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1144
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\693e56d27b658947e6a9d0f18803cc38b430a9f203ad91cb680e6ea1acafe40f.dll,#1
      2⤵
      • Blacklisted process makes network request
      PID:912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads