Analysis
max time kernel
3s
max time network
16s
platform
windows7_x64
resource
win7
submitted
27-09-2020 23:22
Static task
static1
Behavioral task
behavioral1
Sample
zmsv4JeS.exe.dll
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
zmsv4JeS.exe.dll
Resource
win10v200722
windows10_x64
0 signatures
0 seconds
General
Target
zmsv4JeS.exe.dll
Size
116KB
MD5
20ed7ed36e052a523030ae979e872793
SHA1
b686ea3f47c254082c584ee9d18d386af4e0c870
SHA256
bec5d4b9979a2094fe1062512ea2754b9ce573b879b25167fa8a4f52f350edc9
SHA512
7df169ae3bf9bf85205a7b5a4d5ed33aed897073dc003a7ef1eea529473fffe005b549bd72e9f098ed958c8a5232640dc12928413d0690a3b6692ffd0b32cb94
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
PID 1544 wrote to memory of 1480 | 1544 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1480-0-0x0000000000000000-mapping.dmp