Analysis
max time kernel
88s
max time network
141s
platform
windows10_x64
resource
win10
submitted
26-10-2020 21:06
Static task
static1
Behavioral task
behavioral1
Sample
ggf.dll
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
ggf.dll
Resource
win10
windows10_x64
0 signatures
0 seconds
General
Target
ggf.dll
Size
667KB
MD5
4e8561ed0d1b409531243f19d556142c
SHA1
3df3def02d28e48f82de3462d262998f799344a8
SHA256
b6b2a6fac5b5bace7f0f498404e71e9e7cfef1b9b5c4ed0928e78974c84bd9d2
SHA512
93fc0aa58cd1beb77406e013e56367ca29263ef7df0567bf63e80f5354a99b4f9c2b9f1013b9d1b7fdeb7bdc2d5b4cbbe49596af946520f9dd2635da0a78febc
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 3952 wrote to memory of 744 | 3952 | rundll32.exe | rundll32.exe
PID 3952 wrote to memory of 744 | 3952 | rundll32.exe | rundll32.exe
PID 3952 wrote to memory of 744 | 3952 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/744-0-0x0000000000000000-mapping.dmp