783dace9ccb4090a09e4f3a229eeeef14246709e25175b0ce0fe749cd736de55 | Triage

Resubmissions

15-11-2023 15:23

231115-ssstfsbf48 10

26-10-2020 10:00

201026-ltfyhgt87a 10

26-10-2020 09:57

201026-g5lkjjzlws 10

25-10-2020 21:42

201025-xtgchbgbbn 1

Analysis

max time kernel
119s
max time network
122s
platform
windows10_x64
resource
win10
submitted
26-10-2020 10:00

Sharing

Report Analysis Logs

General

Target

d9296a8ed1105c0e7908434a76681299.dll
Size

615KB
MD5

d9296a8ed1105c0e7908434a76681299
SHA1

593bd26bdc829c7633096d016012ceda1183d3f9
SHA256

783dace9ccb4090a09e4f3a229eeeef14246709e25175b0ce0fe749cd736de55
SHA512

18cdfff6d26cca2e09513def3800bab8046c1925ab4aff54cd18d6ea604f5f7315a833acbb7c51f9afdb7ebeca4ee6c9b79a0d315f8c23c12fbb4df83407c52d

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4084 wrote to memory of 3940	4084	rundll32.exe	68
PID 4084 wrote to memory of 3940	4084	rundll32.exe	68
PID 4084 wrote to memory of 3940	4084	rundll32.exe	68

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\d9296a8ed1105c0e7908434a76681299.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4084
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\d9296a8ed1105c0e7908434a76681299.dll,#1
  2⤵
  PID:3940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads