Analysis
max time kernel: 97s
max time network: 152s
platform: windows10_x64
resource: win10
submitted: 27-10-2020 10:10
Static task: static1

Behavioral task: behavioral1
Sample: SecuriteInfo.com.ML.PE-A.22138.dll
Resource: win7 (windows7_x64)
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: SecuriteInfo.com.ML.PE-A.22138.dll
Resource: win10 (windows10_x64)
0 signatures
0 seconds
General
Target: SecuriteInfo.com.ML.PE-A.22138.dll
Size: 652KB
MD5: b260df424a528921e9f544af273c3849
SHA1: 85d12847d2ceefcd5ddd88c0c03b0d98bb9afc86
SHA256: a35b96696f5c7adc5aa856859d37e92c323b2be68c0f8d2704a4ab689ffd12b2
SHA512: d2327adb91949c707058ba910fed2634c631b82624127ac9d3d051a00edafbff50c19e89b39b2aee0197e1ff05dba9d3bc8e038d50cc1d5af0c3506952989ad1
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 3964 wrote to memory of 4036 | 3964 | rundll32.exe | rundll32.exe
PID 3964 wrote to memory of 4036 | 3964 | rundll32.exe | rundll32.exe
PID 3964 wrote to memory of 4036 | 3964 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ML.PE-A.22138.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ML.PE-A.22138.dll,#12